Logfile of random's system information tool 1.09 (written by random/random)
Run by Marťas at 2012-07-25 08:58:38
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 8 GB (5%) free of 153 GB
Total RAM: 2972 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:59:12, on 25.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\system32\prevhost.exe
C:\Program Files\Windows Media Player\wmprph.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Users\Marťas\Downloads\RSIT.exe
C:\Program Files\trend micro\Marťas.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... si=maps4pc
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RegServ - Unknown owner - C:\Windows\srntservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 7422 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/firefox?client=fir ... s:official"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2, bkmrksync@nokia.com:1.0.0.736, smartwebprinting@hp.com:4.51, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.mywebsearch.com/mywebsear ... searchfor="
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default\searchplugins\
my-web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-02 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-02 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-07-03 4273976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-05 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-05 175640]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-05 169496]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-25 7547424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-13 21416]
"RSRWin.exe"=C:\Windows\RSRWin.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\BitTorrent.exe [2010-12-30 4771184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab Passkey]
C:\Program Files\DVDFab Passkey\DVDFabPasskey.exe [2011-03-17 1007608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive]
C:\Program Files\DVDFab Virtual Drive\vdrive.exe [2011-07-06 252288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-04-05 141848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files\QIP Infium\infium.exe /autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-13 21416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy Search Scope Monitor]
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe /m=2 /w /h []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy_39 Browser Plugin Loader]
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-04-05 169496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Marťas\AppData\Roaming\QipGuard\QipGuard.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-08-24 230696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSRWin.exe]
C:\Windows\RSRWin.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ServeurIPAsde]
C:\Program Files\Common Files\sagem SA\DgIpSvr.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe -s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-03 17417392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-06-25 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TDSReanimator]
C:\Program Files\Common Files\Teradyne\TDSReanimator.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [2006-08-09 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 227328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe"="C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.lags"=lagarith.dll
"msacm.divxa32"=DivXa32.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2012-07-11 23:39:44 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-11 23:39:43 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-11 23:39:43 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-11 23:39:43 ----A---- C:\Windows\system32\ieui.dll
2012-07-11 23:39:43 ----A---- C:\Windows\system32\iertutil.dll
2012-07-11 23:39:42 ----A---- C:\Windows\system32\wininet.dll
2012-07-11 23:39:42 ----A---- C:\Windows\system32\jscript9.dll
2012-07-11 23:39:42 ----A---- C:\Windows\system32\jscript.dll
2012-07-11 23:39:41 ----A---- C:\Windows\system32\urlmon.dll
2012-07-11 23:39:41 ----A---- C:\Windows\system32\url.dll
2012-07-11 23:39:40 ----A---- C:\Windows\system32\mshtml.dll
2012-07-11 23:39:39 ----A---- C:\Windows\system32\ieframe.dll
2012-07-11 23:36:58 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 17:28:35 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 17:28:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 17:28:35 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 17:28:34 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 17:28:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 17:28:30 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 17:28:30 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 17:28:30 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 17:28:17 ----A---- C:\Windows\system32\cdosys.dll
2012-07-11 17:27:28 ----A---- C:\Windows\system32\shell32.dll
2012-07-08 07:01:22 ----D---- C:\Program Files\Common Files\Skype
======List of files/folders modified in the last 1 month======
2012-07-25 08:59:04 ----D---- C:\Windows\Temp
2012-07-25 08:58:50 ----D---- C:\Windows\Prefetch
2012-07-25 08:58:41 ----D---- C:\Program Files\Trend Micro
2012-07-25 07:35:15 ----D---- C:\Windows\system32\config
2012-07-23 21:42:08 ----D---- C:\Windows\system32\NDF
2012-07-23 13:08:03 ----D---- C:\Windows\System32
2012-07-23 13:08:03 ----D---- C:\Windows\inf
2012-07-23 13:08:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-23 08:42:36 ----RD---- C:\Program Files
2012-07-22 12:38:16 ----SHD---- C:\System Volume Information
2012-07-22 11:23:49 ----D---- C:\Windows
2012-07-22 06:24:54 ----D---- C:\Users\Marťas\AppData\Roaming\BitTorrent
2012-07-22 06:14:33 ----D---- C:\Users\Marťas\AppData\Roaming\Media Player Classic
2012-07-22 06:14:31 ----D---- C:\Windows\debug
2012-07-20 22:30:54 ----D---- C:\Users\Marťas\AppData\Roaming\Skype
2012-07-20 09:48:12 ----D---- C:\Windows\system32\Tasks
2012-07-18 20:05:30 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-18 20:00:20 ----D---- C:\Program Files\Mozilla Firefox
2012-07-18 19:48:34 ----D---- C:\Windows\system32\catroot2
2012-07-16 14:21:03 ----SHD---- C:\Windows\Installer
2012-07-16 14:21:02 ----HD---- C:\Config.Msi
2012-07-12 19:50:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-12 08:15:48 ----D---- C:\Windows\winsxs
2012-07-12 08:13:49 ----D---- C:\Windows\system32\migration
2012-07-12 08:13:48 ----D---- C:\Windows\system32\drivers
2012-07-12 08:13:48 ----D---- C:\Program Files\Internet Explorer
2012-07-11 23:39:58 ----D---- C:\Windows\system32\catroot
2012-07-11 23:37:12 ----A---- C:\Windows\system32\MRT.exe
2012-07-08 07:01:33 ----D---- C:\ProgramData\Skype
2012-07-08 07:01:22 ----RD---- C:\Program Files\Skype
2012-07-08 07:01:22 ----D---- C:\Program Files\Common Files
2012-07-03 18:21:28 ----A---- C:\Windows\system32\aswBoot.exe
2012-06-27 08:42:12 ----D---- C:\Users\Marťas\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-30 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dvdfabio;dvdfabio; \??\C:\Windows\system32\drivers\dvdfabio.sys [2011-07-06 12672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 57656]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [2011-08-24 71664]
R3 dvdfab;dvdfab; C:\Windows\system32\drivers\dvdfab.sys [2011-03-16 82816]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-03-31 8744448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-25 2375776]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-01-07 126976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
R3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys [2011-07-06 36736]
R3 vsbus;Virtual Serial Bus Enumerator; C:\Windows\system32\DRIVERS\vsb.sys [2008-07-24 15264]
S2 HDUSB;HDUSB.Sys HDUSB Bulk IO test driver; C:\Windows\System32\Drivers\HDUSB.sys [2004-03-23 24151]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 30312]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-12-13 17488]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 60104]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 73032]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2010-12-13 24944]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-01-11 25280]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 StkAMini;Syntek STK1150; C:\Windows\System32\Drivers\StkAMini.sys [2006-09-27 241628]
S3 StkScan;Syntek STK1150 Filter Driver; C:\Windows\System32\Drivers\StkScan.sys [2006-08-02 4772]
S3 StkTMini;Syntek AVStream USB2.0 ATV; C:\Windows\System32\Drivers\StkTMini.sys [2007-11-15 468096]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys [2008-07-24 47744]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RegServ;RegServ; C:\Windows\srntservice.exe [2011-11-11 69632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-11 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-11 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1343400]
S4 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-26 654848]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 StkASSrv;Syntek STK1150 Service; C:\Windows\System32\StkASv2K.exe [2006-05-23 24576]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-09-28 49152]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o preventivku
Zdravim a pekny den preji 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
OTL logfile created on: 26.7.2012 8:17:39 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Marťas\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,90 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 64,56% Memory free
3,10 Gb Paging File | 2,09 Gb Available in Paging File | 67,41% Paging File free
Paging file location(s): c:\pagefile.sys 200 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,94 Gb Free Space | 59,01% Space Free | Partition Type: NTFS
Drive D: | 4,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARŤAS-PC | User Name: Marťas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.07.26 08:15:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
PRC - [2012.07.18 20:00:20 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.11 12:57:55 | 000,069,632 | ---- | M] () -- C:\Windows\SRNTService.exe
PRC - [2011.05.09 17:38:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.18 20:00:19 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2012.07.18 20:00:20 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 19:50:06 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.11 12:57:55 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Windows\SRNTService.exe -- (RegServ)
SRV - [2011.08.26 08:00:22 | 000,292,136 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.08.26 08:00:19 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.08.24 03:13:43 | 000,083,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2010.06.29 11:36:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.05.26 09:24:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Disabled | Stopped] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.07.03 18:21:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.12.19 15:12:00 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011.10.27 03:25:40 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.10.27 03:25:40 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.10.27 03:25:40 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.10.27 03:25:40 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.10.27 03:25:40 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.08.25 14:06:52 | 000,077,296 | ---- | M] (CyberLink Corp.) [2011/10/30 10:08:55] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.08.24 03:13:44 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2011.07.06 19:44:42 | 000,036,736 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vdrive.sys -- (vdrive)
DRV - [2011.07.06 19:44:40 | 000,012,672 | ---- | M] (Fengtao Software Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dvdfabio.sys -- (dvdfabio)
DRV - [2011.01.11 11:51:27 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.12.13 10:19:16 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.12.13 10:17:59 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.12 13:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2010.07.12 13:48:56 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010.05.30 11:56:50 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.01.07 21:09:14 | 000,126,976 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial)
DRV - [2008.07.24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus)
DRV - [2007.11.15 20:33:42 | 000,468,096 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkTMini.sys -- (StkTMini)
DRV - [2007.11.14 20:08:52 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006.09.27 05:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2006.08.02 08:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.03.23 16:24:14 | 000,024,151 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\HDUSB.sys -- (HDUSB)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 23 D0 B5 D7 43 FC CA 01 [binary data]
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.07.20 09:48:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 20:00:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 13:11:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 20:00:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 13:11:40 | 000,000,000 | ---D | M]
[2012.03.04 17:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Extensions
[2012.03.04 17:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa78}
[2012.06.26 16:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default\extensions
[2012.07.25 09:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.18 20:00:20 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.02 11:18:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.01 20:01:06 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.01 20:01:06 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.01 20:01:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.01 20:01:06 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.01 20:01:06 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-18..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-19..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-20..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-21-892274279-3574375534-938609954-1000..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-21-892274279-3574375534-938609954-1000..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6EF3D616-003C-4364-A194-C6BE58F794D3}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\Shell\AutoRun\command - "" = E:\AS2012_setup.exe
O33 - MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.lags - C:\Windows\System32\Lagarith.dll ( )
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.07.26 08:15:03 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
[2012.07.25 11:09:19 | 003,948,600 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrlStaforce.exe
[2012.07.22 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\Marťas\AppData\Local\Adobe
========== Files - Modified Within 7 Days ==========
[2012.07.26 08:21:05 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.26 08:19:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:15:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
[2012.07.26 08:11:34 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.26 08:11:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.26 08:11:08 | 2337,660,928 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.25 21:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.25 10:13:01 | 000,001,087 | ---- | M] () -- C:\Users\Marťas\Dokumenty – zástupce.lnk
[2012.07.25 09:40:35 | 000,000,012 | ---- | M] () -- C:\Windows\Ulead32.ini
[2012.07.25 08:57:30 | 000,001,056 | ---- | M] () -- C:\Users\Marťas\Desktop\SRDownloader.nast
[2012.07.23 13:08:03 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.23 13:08:03 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.23 13:08:03 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.23 13:08:03 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.20 09:48:11 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
========== Files Created - No Company Name ==========
[2012.07.26 08:19:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.25 10:13:01 | 000,001,087 | ---- | C] () -- C:\Users\Marťas\Dokumenty – zástupce.lnk
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_SusX70p3.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_Renault.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_InjX83P2.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_InjX70P3.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_Dacia.ini
[2012.03.24 09:03:22 | 000,000,008 | ---- | C] () -- C:\Windows\5800Hard.ini
[2012.02.06 01:22:10 | 004,423,168 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2012.01.28 21:11:16 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2012.01.28 21:11:10 | 006,414,616 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll
[2012.01.28 21:11:10 | 001,009,392 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll
[2012.01.28 21:11:10 | 000,360,729 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2012.01.28 21:11:10 | 000,203,818 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll
[2012.01.28 21:11:10 | 000,138,774 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll
[2012.01.28 01:54:44 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.01.28 01:53:00 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2012.01.28 01:52:46 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2012.01.28 01:52:44 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2012.01.28 01:52:42 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2012.01.28 01:52:42 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2012.01.28 01:52:42 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2012.01.28 01:52:40 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2012.01.28 01:52:40 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2012.01.28 01:52:38 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2012.01.11 19:24:21 | 000,007,602 | ---- | C] () -- C:\Users\Marťas\AppData\Local\Resmon.ResmonCfg
[2011.12.09 09:24:55 | 000,061,440 | ---- | C] () -- C:\Windows\System32\RCF.DLL
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2011.12.04 14:53:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\unzip.exe
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.11 17:21:28 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.11.11 17:21:27 | 000,005,120 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011.11.11 17:21:26 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011.11.11 17:21:26 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011.11.11 17:21:26 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011.11.11 12:59:55 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{86CF5A38-13BE-4FA4-BFA2-DA14DBFA2BD3}
[2011.11.11 12:57:54 | 000,069,632 | ---- | C] () -- C:\Windows\SRNTService.exe
[2011.11.11 12:52:41 | 000,000,122 | ---- | C] () -- C:\Windows\Versions.ini
[2011.11.11 12:51:55 | 000,000,044 | ---- | C] () -- C:\Windows\OdbcDdp.INI
[2011.11.11 12:51:52 | 000,000,396 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.11.11 12:51:51 | 000,000,449 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2011.09.04 10:28:37 | 000,017,123 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(2).err
[2011.09.04 10:28:36 | 000,001,040 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(2).nast
[2011.08.30 13:27:30 | 000,000,872 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(1).nast
[2011.07.15 11:29:31 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{F65C0CB8-2F8C-4B32-811D-1309587A27D3}
[2011.07.05 18:05:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.28 19:32:40 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{8F0BE7D2-81EF-489F-AC9F-6DEF4E0286A5}
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.03.03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2011.03.03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2011.03.03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2011.02.26 12:33:10 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.22 10:33:30 | 000,008,192 | ---- | C] () -- C:\Users\Marťas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.13 10:33:46 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.10.13 19:00:37 | 000,018,387 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader.err
[2010.10.13 15:29:12 | 001,425,408 | ---- | C] () -- C:\Windows\System32\Franta Potrubář.exe
[2010.10.02 11:38:11 | 000,002,200 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader.nast
[2010.09.12 13:44:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.12 12:45:27 | 000,000,012 | ---- | C] () -- C:\Windows\Ulead32.ini
[2010.09.01 17:58:52 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.01 17:58:52 | 000,000,088 | RHS- | C] () -- C:\ProgramData\2037CFAF9D.sys
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010.08.20 18:40:54 | 000,000,000 | -H-- | C] () -- C:\Windows\msds.dat
[2010.08.18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2010.05.26 19:43:46 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== LOP Check ==========
[2012.03.04 17:36:45 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Actia
[2012.07.22 06:24:54 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BitTorrent
[2010.06.02 14:00:28 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BlackBean
[2011.05.21 18:52:01 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Canneverbe Limited
[2010.05.30 12:04:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\DAEMON Tools Lite
[2011.03.26 09:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Foxit Software
[2012.03.27 19:30:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GARMIN
[2010.05.28 16:12:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GHISLER
[2010.11.25 12:25:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\InfraRecorder
[2010.05.26 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\LG Electronics
[2010.05.28 11:23:17 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mikrotik
[2011.01.30 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mirillis
[2012.06.07 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Nokia
[2012.05.11 06:31:57 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\PC Suite
[2011.12.12 00:02:09 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\QIP
[2011.02.26 19:37:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Rovio
[2011.12.23 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Samsung
[2012.04.16 15:43:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ScanMaster-ELM
[2012.04.08 08:46:41 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TeamViewer
[2012.03.13 09:39:47 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Temp
[2010.10.19 11:45:21 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TuneUp Software
[2012.01.14 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ubisoft
[2010.05.30 09:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ulead Systems
[2012.06.14 19:13:04 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Z-Software
[2010.09.09 08:40:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Zoner
[2012.05.20 09:37:01 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.03.04 17:36:45 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Actia
[2011.03.26 09:11:32 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Adobe
[2010.11.09 15:47:55 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ahead
[2010.11.08 11:47:18 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Apple Computer
[2010.09.12 14:24:56 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ATI
[2010.09.12 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\atitray
[2011.07.31 21:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\AVS4YOU
[2012.07.22 06:24:54 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BitTorrent
[2010.06.02 14:00:28 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BlackBean
[2011.05.21 18:52:01 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Canneverbe Limited
[2010.09.01 17:58:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Corel
[2011.10.30 11:04:51 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\CyberLink
[2010.05.30 12:04:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\DAEMON Tools Lite
[2011.12.04 15:04:29 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\FLEXnet
[2011.03.26 09:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Foxit Software
[2012.03.27 19:30:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GARMIN
[2010.05.28 16:12:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GHISLER
[2011.01.16 15:31:46 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Hamachi
[2010.11.26 14:27:59 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\HP
[2010.05.25 21:34:29 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Identities
[2010.11.25 12:25:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\InfraRecorder
[2010.05.26 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\LG Electronics
[2010.05.25 21:37:16 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Macromedia
[2011.01.21 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Media Center Programs
[2012.07.22 06:14:33 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Media Player Classic
[2012.03.28 13:35:03 | 000,000,000 | --SD | M] -- C:\Users\Marťas\AppData\Roaming\Microsoft
[2010.05.28 11:23:17 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mikrotik
[2011.01.30 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mirillis
[2010.05.25 21:54:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mozilla
[2012.06.07 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Nokia
[2012.05.11 06:31:57 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\PC Suite
[2011.12.12 00:02:09 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\QIP
[2011.02.26 19:37:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Rovio
[2011.12.23 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Samsung
[2012.04.16 15:43:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ScanMaster-ELM
[2012.07.26 08:41:42 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Skype
[2011.07.16 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\skypePM
[2012.04.08 08:46:41 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TeamViewer
[2012.03.13 09:39:47 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Temp
[2010.10.19 11:45:21 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TuneUp Software
[2012.01.14 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ubisoft
[2010.05.30 09:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ulead Systems
[2010.05.25 23:05:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\WinRAR
[2012.06.14 19:13:04 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Z-Software
[2010.09.09 08:40:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.11.02 05:25:32 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Marťas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2011.02.21 11:52:51 | 000,010,134 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2009.06.18 08:21:32 | 001,413,256 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\E\USBAutoRun.exe
[2009.05.12 08:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\E\tools\LGSetCDROMAutoRun.exe
[2009.06.18 08:21:32 | 001,413,256 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.05.12 08:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\F\tools\LGSetCDROMAutoRun.exe
[2012.03.13 09:36:55 | 000,106,408 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.13 09:36:55 | 000,101,288 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.13 09:36:57 | 000,021,416 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.02.03 10:50:30 | 000,371,088 | ---- | M] (ml) -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.02.03 10:50:30 | 000,371,088 | ---- | M] (ml) -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.07.25 21:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.26 08:11:34 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.07.26 08:21:05 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.30 11:56:50 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.23 13:08:03 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.07.23 13:08:03 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.07.23 13:08:03 | 000,631,054 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.07.23 13:08:03 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.07.23 13:08:03 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()
"RSRWin.exe" = C:\Windows\RSRWin.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.07.18 20:00:20 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.02 11:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.26 08:19:46 | 000,000,512 | ---- | M] () MD5=2E56EF81142F4B6A6EAEE66C542DC8B2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2007.05.04 01:07:02 | 000,003,556 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\PHP\CrackF.html
[2005.03.08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Bumpmap\Cracks.cpt
[2005.03.08 11:30:58 | 000,016,068 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Canvas\cracks2c.pcx
[2005.03.08 11:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Tiles\CRACKS2M.CPT
[2012.07.25 09:46:50 | 000,000,745 | ---- | M] () -- \Users\Marťas\AppData\Roaming\Microsoft\Windows\Recent\WinRAR-3.93-plná-verze-CZ-x86-a-x64-+-CRACK.lnk
< *keygen* /s >
[2007.05.04 01:07:00 | 000,013,367 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\HTML\KEYGEN.html
[2008.04.15 00:11:40 | 000,137,728 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\keygen.exe
< *loader* /s >
[2007.03.14 19:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 17:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.05.04 01:09:24 | 000,037,112 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Shared\MM\Media\FLVLoader.swf
[2007.03.14 17:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 16:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2011.08.24 03:13:45 | 000,000,035 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\ComLoader.ini
[2011.08.25 07:13:36 | 000,124,200 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Common\Koan\pyloader.dll
[2011.08.24 03:13:34 | 000,002,830 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Customizations\Generic\Style\Cascade\Media\Standard\SlideBar\ProgressLoader.png
[2011.08.19 12:03:38 | 000,028,126 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.08.19 12:03:38 | 000,120,104 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.08.12 09:26:27 | 000,012,088 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.08.12 09:26:28 | 000,002,692 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\Presentation\Common\D3D9Loader.kc
[2011.08.16 12:03:40 | 000,012,022 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011.08.24 03:13:48 | 000,001,731 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\FlvLoader.swf
[2011.08.24 03:13:48 | 000,001,949 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\D3D9Loader.kc
[2011.08.24 03:13:49 | 000,056,487 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\ImageLoader2.kc
[2011.08.24 03:13:50 | 000,004,045 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\langloader.kc
[2011.08.24 03:13:50 | 000,014,262 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\layoutloader.kc
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.02.03 10:47:14 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.02.03 10:50:26 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.08.30 13:27:30 | 000,000,872 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(1).nast
[2012.02.18 21:21:46 | 000,017,123 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(2).err
[2012.02.19 20:16:52 | 000,001,040 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(2).nast
[2011.08.29 21:09:11 | 000,018,387 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader.err
[2011.09.10 16:57:39 | 000,002,200 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader.nast
[2012.07.26 08:40:22 | 000,000,652 | ---- | M] () -- \Users\Marťas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFIXE336\AdLoader[1].htm
[2012.07.26 08:40:22 | 000,010,519 | ---- | M] () -- \Users\Marťas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBOO11FD\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.07.04 10:24:29 | 000,904,192 | ---- | M] () -- \Users\Marťas\Desktop\SRDownloader.exe
[2012.07.25 08:57:30 | 000,001,056 | ---- | M] () -- \Users\Marťas\Desktop\SRDownloader.nast
[2011.05.02 08:33:34 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.07.23 13:45:22 | 010,745,176 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\Loader.exe.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:22 | 000,578,904 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderclient.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,300,376 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1025.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,247,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1028.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,312,664 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1029.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:26 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1031.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:26 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1032.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1034.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1036.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,288,088 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1037.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:30 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1038.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:30 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1040.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,267,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1041.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,263,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1042.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1043.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1045.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1046.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1049.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:36 | 000,308,568 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1055.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:36 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1057.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:38 | 000,243,032 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes2052.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:38 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres2070.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Marťas\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,90 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 64,56% Memory free
3,10 Gb Paging File | 2,09 Gb Available in Paging File | 67,41% Paging File free
Paging file location(s): c:\pagefile.sys 200 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,94 Gb Free Space | 59,01% Space Free | Partition Type: NTFS
Drive D: | 4,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARŤAS-PC | User Name: Marťas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.07.26 08:15:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
PRC - [2012.07.18 20:00:20 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.11 12:57:55 | 000,069,632 | ---- | M] () -- C:\Windows\SRNTService.exe
PRC - [2011.05.09 17:38:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.18 20:00:19 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2012.07.18 20:00:20 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 19:50:06 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.11 12:57:55 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Windows\SRNTService.exe -- (RegServ)
SRV - [2011.08.26 08:00:22 | 000,292,136 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.08.26 08:00:19 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.08.24 03:13:43 | 000,083,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2010.06.29 11:36:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.05.26 09:24:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Disabled | Stopped] -- C:\Windows\System32\StkASv2K.exe -- (StkASSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.07.03 18:21:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.12.19 15:12:00 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011.10.27 03:25:40 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.10.27 03:25:40 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.10.27 03:25:40 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.10.27 03:25:40 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.10.27 03:25:40 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.08.25 14:06:52 | 000,077,296 | ---- | M] (CyberLink Corp.) [2011/10/30 10:08:55] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.08.24 03:13:44 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2011.07.06 19:44:42 | 000,036,736 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vdrive.sys -- (vdrive)
DRV - [2011.07.06 19:44:40 | 000,012,672 | ---- | M] (Fengtao Software Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dvdfabio.sys -- (dvdfabio)
DRV - [2011.01.11 11:51:27 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.12.13 10:19:16 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.12.13 10:17:59 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.12 13:49:18 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2010.07.12 13:48:56 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010.05.30 11:56:50 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.01.07 21:09:14 | 000,126,976 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial)
DRV - [2008.07.24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus)
DRV - [2007.11.15 20:33:42 | 000,468,096 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkTMini.sys -- (StkTMini)
DRV - [2007.11.14 20:08:52 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006.09.27 05:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2006.08.02 08:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StkScan.sys -- (StkScan)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.03.23 16:24:14 | 000,024,151 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\HDUSB.sys -- (HDUSB)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 23 D0 B5 D7 43 FC CA 01 [binary data]
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.07.20 09:48:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 20:00:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 13:11:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 20:00:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 13:11:40 | 000,000,000 | ---D | M]
[2012.03.04 17:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Extensions
[2012.03.04 17:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa78}
[2012.06.26 16:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default\extensions
[2012.07.25 09:39:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.18 20:00:20 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.02 11:18:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.01 20:01:06 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.01 20:01:06 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.01 20:01:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.01 20:01:06 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.01 20:01:06 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-18..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-19..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-20..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-21-892274279-3574375534-938609954-1000..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found
O4 - HKU\S-1-5-21-892274279-3574375534-938609954-1000..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6EF3D616-003C-4364-A194-C6BE58F794D3}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O33 - MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\Shell\AutoRun\command - "" = E:\AS2012_setup.exe
O33 - MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\Shell - "" = AutoRun
O33 - MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.lags - C:\Windows\System32\Lagarith.dll ( )
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.07.26 08:15:03 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
[2012.07.25 11:09:19 | 003,948,600 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrlStaforce.exe
[2012.07.22 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\Marťas\AppData\Local\Adobe
========== Files - Modified Within 7 Days ==========
[2012.07.26 08:21:05 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.26 08:19:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:15:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Marťas\Desktop\OTL.exe
[2012.07.26 08:11:34 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.26 08:11:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.26 08:11:08 | 2337,660,928 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.25 21:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.25 10:13:01 | 000,001,087 | ---- | M] () -- C:\Users\Marťas\Dokumenty – zástupce.lnk
[2012.07.25 09:40:35 | 000,000,012 | ---- | M] () -- C:\Windows\Ulead32.ini
[2012.07.25 08:57:30 | 000,001,056 | ---- | M] () -- C:\Users\Marťas\Desktop\SRDownloader.nast
[2012.07.23 13:08:03 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.23 13:08:03 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.23 13:08:03 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.23 13:08:03 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.20 09:48:11 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
========== Files Created - No Company Name ==========
[2012.07.26 08:19:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.25 10:13:01 | 000,001,087 | ---- | C] () -- C:\Users\Marťas\Dokumenty – zástupce.lnk
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_SusX70p3.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_Renault.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_InjX83P2.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_InjX70P3.ini
[2012.03.24 09:03:22 | 000,000,026 | ---- | C] () -- C:\Windows\Asde_Dacia.ini
[2012.03.24 09:03:22 | 000,000,008 | ---- | C] () -- C:\Windows\5800Hard.ini
[2012.02.06 01:22:10 | 004,423,168 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2012.01.28 21:11:16 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2012.01.28 21:11:10 | 006,414,616 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll
[2012.01.28 21:11:10 | 001,009,392 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll
[2012.01.28 21:11:10 | 000,360,729 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2012.01.28 21:11:10 | 000,203,818 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll
[2012.01.28 21:11:10 | 000,138,774 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll
[2012.01.28 01:54:44 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.01.28 01:53:00 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2012.01.28 01:52:46 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2012.01.28 01:52:44 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2012.01.28 01:52:42 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2012.01.28 01:52:42 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2012.01.28 01:52:42 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2012.01.28 01:52:40 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2012.01.28 01:52:40 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2012.01.28 01:52:38 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2012.01.11 19:24:21 | 000,007,602 | ---- | C] () -- C:\Users\Marťas\AppData\Local\Resmon.ResmonCfg
[2011.12.09 09:24:55 | 000,061,440 | ---- | C] () -- C:\Windows\System32\RCF.DLL
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2011.12.04 14:53:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\unzip.exe
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.11 17:21:28 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.11.11 17:21:27 | 000,005,120 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011.11.11 17:21:26 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011.11.11 17:21:26 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011.11.11 17:21:26 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011.11.11 12:59:55 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{86CF5A38-13BE-4FA4-BFA2-DA14DBFA2BD3}
[2011.11.11 12:57:54 | 000,069,632 | ---- | C] () -- C:\Windows\SRNTService.exe
[2011.11.11 12:52:41 | 000,000,122 | ---- | C] () -- C:\Windows\Versions.ini
[2011.11.11 12:51:55 | 000,000,044 | ---- | C] () -- C:\Windows\OdbcDdp.INI
[2011.11.11 12:51:52 | 000,000,396 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.11.11 12:51:51 | 000,000,449 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2011.09.04 10:28:37 | 000,017,123 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(2).err
[2011.09.04 10:28:36 | 000,001,040 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(2).nast
[2011.08.30 13:27:30 | 000,000,872 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader(1).nast
[2011.07.15 11:29:31 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{F65C0CB8-2F8C-4B32-811D-1309587A27D3}
[2011.07.05 18:05:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.28 19:32:40 | 000,000,000 | ---- | C] () -- C:\Users\Marťas\AppData\Local\{8F0BE7D2-81EF-489F-AC9F-6DEF4E0286A5}
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.03.03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2011.03.03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2011.03.03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2011.02.26 12:33:10 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.22 10:33:30 | 000,008,192 | ---- | C] () -- C:\Users\Marťas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.13 10:33:46 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.10.13 19:00:37 | 000,018,387 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader.err
[2010.10.13 15:29:12 | 001,425,408 | ---- | C] () -- C:\Windows\System32\Franta Potrubář.exe
[2010.10.02 11:38:11 | 000,002,200 | ---- | C] () -- C:\Users\Marťas\AppData\Local\SRDownloader.nast
[2010.09.12 13:44:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.12 12:45:27 | 000,000,012 | ---- | C] () -- C:\Windows\Ulead32.ini
[2010.09.01 17:58:52 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.01 17:58:52 | 000,000,088 | RHS- | C] () -- C:\ProgramData\2037CFAF9D.sys
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010.08.20 18:40:54 | 000,000,000 | -H-- | C] () -- C:\Windows\msds.dat
[2010.08.18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2010.05.26 19:43:46 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== LOP Check ==========
[2012.03.04 17:36:45 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Actia
[2012.07.22 06:24:54 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BitTorrent
[2010.06.02 14:00:28 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BlackBean
[2011.05.21 18:52:01 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Canneverbe Limited
[2010.05.30 12:04:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\DAEMON Tools Lite
[2011.03.26 09:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Foxit Software
[2012.03.27 19:30:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GARMIN
[2010.05.28 16:12:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GHISLER
[2010.11.25 12:25:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\InfraRecorder
[2010.05.26 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\LG Electronics
[2010.05.28 11:23:17 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mikrotik
[2011.01.30 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mirillis
[2012.06.07 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Nokia
[2012.05.11 06:31:57 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\PC Suite
[2011.12.12 00:02:09 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\QIP
[2011.02.26 19:37:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Rovio
[2011.12.23 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Samsung
[2012.04.16 15:43:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ScanMaster-ELM
[2012.04.08 08:46:41 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TeamViewer
[2012.03.13 09:39:47 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Temp
[2010.10.19 11:45:21 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TuneUp Software
[2012.01.14 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ubisoft
[2010.05.30 09:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ulead Systems
[2012.06.14 19:13:04 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Z-Software
[2010.09.09 08:40:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Zoner
[2012.05.20 09:37:01 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.03.04 17:36:45 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Actia
[2011.03.26 09:11:32 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Adobe
[2010.11.09 15:47:55 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ahead
[2010.11.08 11:47:18 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Apple Computer
[2010.09.12 14:24:56 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ATI
[2010.09.12 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\atitray
[2011.07.31 21:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\AVS4YOU
[2012.07.22 06:24:54 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BitTorrent
[2010.06.02 14:00:28 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\BlackBean
[2011.05.21 18:52:01 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Canneverbe Limited
[2010.09.01 17:58:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Corel
[2011.10.30 11:04:51 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\CyberLink
[2010.05.30 12:04:53 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\DAEMON Tools Lite
[2011.12.04 15:04:29 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\FLEXnet
[2011.03.26 09:08:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Foxit Software
[2012.03.27 19:30:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GARMIN
[2010.05.28 16:12:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\GHISLER
[2011.01.16 15:31:46 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Hamachi
[2010.11.26 14:27:59 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\HP
[2010.05.25 21:34:29 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Identities
[2010.11.25 12:25:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\InfraRecorder
[2010.05.26 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\LG Electronics
[2010.05.25 21:37:16 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Macromedia
[2011.01.21 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Media Center Programs
[2012.07.22 06:14:33 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Media Player Classic
[2012.03.28 13:35:03 | 000,000,000 | --SD | M] -- C:\Users\Marťas\AppData\Roaming\Microsoft
[2010.05.28 11:23:17 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mikrotik
[2011.01.30 17:42:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mirillis
[2010.05.25 21:54:05 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Mozilla
[2012.06.07 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Nokia
[2012.05.11 06:31:57 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\PC Suite
[2011.12.12 00:02:09 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\QIP
[2011.02.26 19:37:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Rovio
[2011.12.23 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Samsung
[2012.04.16 15:43:25 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\ScanMaster-ELM
[2012.07.26 08:41:42 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Skype
[2011.07.16 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\skypePM
[2012.04.08 08:46:41 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TeamViewer
[2012.03.13 09:39:47 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Temp
[2010.10.19 11:45:21 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\TuneUp Software
[2012.01.14 12:23:27 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ubisoft
[2010.05.30 09:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Ulead Systems
[2010.05.25 23:05:34 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\WinRAR
[2012.06.14 19:13:04 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Z-Software
[2010.09.09 08:40:12 | 000,000,000 | ---D | M] -- C:\Users\Marťas\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.11.02 05:25:32 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Marťas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2011.02.21 11:52:51 | 000,010,134 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2009.06.18 08:21:32 | 001,413,256 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\E\USBAutoRun.exe
[2009.05.12 08:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\E\tools\LGSetCDROMAutoRun.exe
[2009.06.18 08:21:32 | 001,413,256 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2009.05.12 08:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Marťas\AppData\Roaming\Microsoft\Windows\Templates\F\tools\LGSetCDROMAutoRun.exe
[2012.03.13 09:36:55 | 000,106,408 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.13 09:36:55 | 000,101,288 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.13 09:36:57 | 000,021,416 | ---- | M] () -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.02.03 10:50:30 | 000,371,088 | ---- | M] (ml) -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.02.03 10:50:30 | 000,371,088 | ---- | M] (ml) -- C:\Users\Marťas\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.07.25 21:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.26 08:11:34 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.07.26 08:21:05 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.30 11:56:50 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.26 08:18:38 | 000,014,640 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.23 13:08:03 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.07.23 13:08:03 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.07.23 13:08:03 | 000,631,054 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.07.23 13:08:03 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.07.23 13:08:03 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()
"RSRWin.exe" = C:\Windows\RSRWin.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.07.18 20:00:20 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.02 11:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.26 08:19:46 | 000,000,512 | ---- | M] () MD5=2E56EF81142F4B6A6EAEE66C542DC8B2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2007.05.04 01:07:02 | 000,003,556 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\PHP\CrackF.html
[2005.03.08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Bumpmap\Cracks.cpt
[2005.03.08 11:30:58 | 000,016,068 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Canvas\cracks2c.pcx
[2005.03.08 11:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Tiles\CRACKS2M.CPT
[2012.07.25 09:46:50 | 000,000,745 | ---- | M] () -- \Users\Marťas\AppData\Roaming\Microsoft\Windows\Recent\WinRAR-3.93-plná-verze-CZ-x86-a-x64-+-CRACK.lnk
< *keygen* /s >
[2007.05.04 01:07:00 | 000,013,367 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Content\Reference\HTML\KEYGEN.html
[2008.04.15 00:11:40 | 000,137,728 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\keygen.exe
< *loader* /s >
[2007.03.14 19:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 17:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.05.04 01:09:24 | 000,037,112 | ---- | M] () -- \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Shared\MM\Media\FLVLoader.swf
[2007.03.14 17:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 16:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2011.08.24 03:13:45 | 000,000,035 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\ComLoader.ini
[2011.08.25 07:13:36 | 000,124,200 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Common\Koan\pyloader.dll
[2011.08.24 03:13:34 | 000,002,830 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Customizations\Generic\Style\Cascade\Media\Standard\SlideBar\ProgressLoader.png
[2011.08.19 12:03:38 | 000,028,126 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.08.19 12:03:38 | 000,120,104 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.08.12 09:26:27 | 000,012,088 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.08.12 09:26:28 | 000,002,692 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\Presentation\Common\D3D9Loader.kc
[2011.08.16 12:03:40 | 000,012,022 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011.08.24 03:13:48 | 000,001,731 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\FlvLoader.swf
[2011.08.24 03:13:48 | 000,001,949 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\D3D9Loader.kc
[2011.08.24 03:13:49 | 000,056,487 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\ImageLoader2.kc
[2011.08.24 03:13:50 | 000,004,045 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\langloader.kc
[2011.08.24 03:13:50 | 000,014,262 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\layoutloader.kc
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.02.03 10:47:14 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.02.03 10:50:26 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.08.30 13:27:30 | 000,000,872 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(1).nast
[2012.02.18 21:21:46 | 000,017,123 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(2).err
[2012.02.19 20:16:52 | 000,001,040 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader(2).nast
[2011.08.29 21:09:11 | 000,018,387 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader.err
[2011.09.10 16:57:39 | 000,002,200 | ---- | M] () -- \Users\Marťas\AppData\Local\SRDownloader.nast
[2012.07.26 08:40:22 | 000,000,652 | ---- | M] () -- \Users\Marťas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFIXE336\AdLoader[1].htm
[2012.07.26 08:40:22 | 000,010,519 | ---- | M] () -- \Users\Marťas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBOO11FD\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.07.04 10:24:29 | 000,904,192 | ---- | M] () -- \Users\Marťas\Desktop\SRDownloader.exe
[2012.07.25 08:57:30 | 000,001,056 | ---- | M] () -- \Users\Marťas\Desktop\SRDownloader.nast
[2011.05.02 08:33:34 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.07.23 13:45:22 | 010,745,176 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\Loader.exe.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:22 | 000,578,904 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderclient.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,300,376 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1025.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,247,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1028.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:24 | 000,312,664 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1029.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:26 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1031.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:26 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1032.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1034.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,333,144 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1036.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:28 | 000,288,088 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1037.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:30 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1038.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:30 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1040.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,267,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1041.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,263,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1042.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:32 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1043.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1045.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,320,856 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1046.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:34 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1049.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:36 | 000,308,568 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes1055.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:36 | 000,316,760 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres1057.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:38 | 000,243,032 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\LoaderRes2052.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2010.07.23 13:45:38 | 000,329,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\UnManaged\S-1-5-21-892274279-3574375534-938609954-1000\366F0365CC82E4D45814DBB9C0D0637E\5.0.1\loaderres2070.dll.24CE78C0_7BB7_4BB7_83E3_BB689AA09A22
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.07.05 18:34:16 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.07.05 18:34:16 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.07.05 18:34:16 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL Extras logfile created on: 26.7.2012 8:17:39 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Marťas\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,90 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 64,56% Memory free
3,10 Gb Paging File | 2,09 Gb Available in Paging File | 67,41% Paging File free
Paging file location(s): c:\pagefile.sys 200 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,94 Gb Free Space | 59,01% Space Free | Partition Type: NTFS
Drive D: | 4,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARŤAS-PC | User Name: Marťas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 1
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0307ED37-4F64-4556-A95C-77634BA2C0B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03D86E06-C6CC-4FF8-83C0-7B574D120E4F}" = lport=137 | protocol=17 | dir=in | app=system |
"{10675075-897B-49F8-B391-41822FA203D8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1919D819-6640-407C-AD34-7A354AB66C44}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B54887B-C5CF-43D6-B20B-617ACD0D30C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{21A1FDD1-A009-42B6-9015-D0425165645A}" = lport=445 | protocol=6 | dir=in | app=system |
"{278636F9-2173-4F8D-9F37-5DCD1BA954E1}" = rport=138 | protocol=17 | dir=out | app=system |
"{47EE6DD1-185B-4BDD-AC59-D7A19619AB05}" = lport=138 | protocol=17 | dir=in | app=system |
"{50E1B70E-0E68-45A0-8436-263B71E46699}" = lport=139 | protocol=6 | dir=in | app=system |
"{7DA0828B-CB3B-4788-B857-2601C5BD7B52}" = rport=445 | protocol=6 | dir=out | app=system |
"{8478F9CC-C7D4-41CF-97BB-581482394C9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A589557B-5E5F-4E61-B9CE-4242567EDAF9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6388475-61F6-422E-A594-0D88D33E161E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D6008E-0D04-4704-85FC-B3A92556DBD1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{01E42086-C20C-43F3-ABE3-C2CF9126846F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{044396D9-63E5-41AF-9952-B7D2D61BA5F9}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{06E79590-6543-4E04-A7F7-5648C95780EA}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{06FE4264-A803-406C-95A4-A8254D3DFCA7}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{08AB8CCE-75BB-48B9-AC5F-943963B64EFF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{0B3BC44C-5CEC-4E77-ADE2-14C75FCD6D09}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{0E812F3C-B85A-4BF6-A8E5-00F1A7C36A06}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{11135E63-3E43-4EC3-AB8A-235B2302C8AC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{1143FFD4-1414-4F4F-8001-B896E7DAADBA}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{13C449D2-C69A-48C3-A9B0-981A0A8F839C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{13F72A2E-8E44-40A0-B25E-DEF1BD2664CC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{144C1C97-2E08-40E7-B968-71E286B47D4D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{15A02B87-40AB-4ECC-BCC7-B474C7E60778}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{19870F7F-FB1C-4A9B-8DE9-6A2D5E868DAF}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{19E9DA39-4CD0-496A-BAC4-157508E4A1F1}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{1AD458B7-E7DB-4848-98D5-AE2422C0DEF0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{1D12A147-FD60-444B-A9D9-3FE65CA6EDB3}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe |
"{1E363EFF-F28D-4C66-B07F-44DA08CFCF5D}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{1E78E2D2-CBBD-4A5E-9D47-96662D385BDD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1FA4F15D-D83D-4579-9FEA-C2EDEE91952D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{21E44611-7B90-4C51-97C8-8AD3E90F78F8}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{225F6229-40F8-4794-BFCB-3BE6ECD8592C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{2555807D-D890-48DE-BD39-3AFEDB906646}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{26942961-06C2-48B1-ACB4-EF4A2574AC29}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{290A4AC5-7A94-418B-9D68-9BF5F5A08E8B}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\moviemodule.exe |
"{297FFD27-6A25-4581-A984-AB480E33BA26}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{29BDEF04-D90F-4BF7-A049-CE8DAF105501}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{2CE81183-DF4C-4C70-955B-3A7F9803A64F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{2EC2DC4D-EAE9-4D2A-AB81-0D6CB45FA6FD}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{2ED48007-66F9-4BE2-8CF8-A54EE3E959B0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{305AC034-8D3A-4815-9A90-48D9137CAD1A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{30E02DD0-0E69-4735-B3DD-5516D0FA56A3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{3188E066-E4C2-4323-8314-8B461A2F0A60}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{346AE40A-9B67-40F0-B785-6D879A46ABDE}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{375128DF-7C9B-43A4-A547-F33CEFAC8985}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{37C840D7-94E0-4DB9-B6D7-A54FEC3B68A3}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{39980352-637E-42F2-8217-B853BAA949C2}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{3BE30F71-58B1-48A3-99C5-7E17D8459D3C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{3CD45833-F10A-4C88-872E-B741F4C40F5F}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3EDBD2F0-9891-43F3-AF3A-B1C574868BAB}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{3F030A11-190B-4E3A-BDD7-44E6597D50F9}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{4078AE27-AA7E-402A-AAB6-B87BA9AEC67A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{43B2969E-0D97-4E4F-80C8-DB60D17DF412}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{43CBBCEC-D25E-4B84-A5C5-516394B76DF9}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{46365FE9-BD8D-4D1F-888E-BB21CA16D55E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{46E1ADFD-DE51-4E38-A863-7053ECC5726B}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{46E921C9-8D0D-415C-9199-5CAA7A8F7EE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47099C62-7DFD-477A-9A81-AE0B5450CE93}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4721A381-6587-49F0-9884-532D0935F9BF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{479ADE80-362E-4CC7-996E-D0FBC45CB967}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe |
"{4B7C7671-CD4E-4681-BA9E-7FCF2F76DD96}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{4C8131F3-4B0F-4AA2-99BA-D6301C8D5886}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{4DDC4652-5181-4051-90EB-23A0110487A4}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{4F3CB78C-EE72-4710-ACBF-0E9E62A42DC0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{5636741F-9856-4C91-B084-CF93D279F054}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{56FCFCCD-D2C5-4CEC-A30B-52F17B347940}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{57ECF615-D67E-460D-A8D8-DA32C4973E12}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{59A10444-D371-44C7-BBB7-3389D35B1E1A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{5A1716C1-8061-4539-8CEB-B8F9F13793F6}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{5CACC7A3-A3AC-4A9E-8DF0-1B1731EFB3C4}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{5D031946-13F0-4DC1-96F5-967BDDD93763}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{5E26C5F4-BBE3-49EF-A8A4-19C499ADE43A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{5E7EC231-56D1-44CF-9001-7A8B46D58101}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{6278AF6E-5CD5-4B58-9AC3-6D13745B5A92}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{63A9C9AB-FBE8-4718-A7BB-F1F6A49F1B6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{64B81F33-C1FC-4031-BFBD-0CEE515FDAE5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{64C18431-7167-462C-8EC0-FEFB0268660D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{652A9610-7882-4913-9E88-C7C15EDF44F1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{652C6A0B-329A-4092-97BB-D5E891BEE467}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{66F787A4-DD9F-43C1-9A3D-C9A52AAE639A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{67B6A133-CF2D-45B0-BFDC-90BCDD18E49A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{695B6C03-3B68-4A6F-8AB4-C9F61656CDD1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe |
"{6A5A1673-F4BA-4C2C-A504-236B5A8E7EBC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{6C2FA92B-1AE9-4626-84E2-FD38D04FA2B0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{6C9F2897-FAF9-44F5-AFFC-3CA5B53EC75E}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{6D9545AC-3306-426D-8625-E821FC2512DF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{6DF560C8-AD94-4513-9C50-519F439D3BB5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{71AB0539-3CB8-41A9-923C-C48D71C19F0D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{736E80F8-FE05-474D-AFD2-29DD1DED746F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75028F24-AC2B-4F2A-9633-5D2A83EBA61F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{75D06E3C-95CE-4C97-9FCB-ED90429BA68A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{76DE3194-FC11-4C9C-B0A0-F5F770CAB130}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{774E66B0-D73E-4AAA-B7A9-2EF8F53D2887}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{77B928B5-5195-4A82-BA77-D22E9D0DE319}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{7AEA4C1F-B206-4BCB-940E-6E2FD5F169DF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{7C621FD2-292D-4AE6-B2C8-2EA025BD61C3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{7D979024-5CAB-4B47-B094-14F7543EDDF0}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{811C26F0-9F72-4650-8C87-6D97E0A3E325}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{819F42BA-90E7-47C0-B711-B8FDD347DE2E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{888FF717-566C-4AFB-9399-B155684AF9C8}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{889DDD90-D028-49D6-A57C-4BF818DC028A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F254A88-8C7C-41CE-94A6-904FDBE7A53A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{919D1F0B-114E-4F4D-AF17-0209A53AED81}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{92C272CE-3705-4EEC-A34E-602F296970FB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe |
"{9355661D-9949-438D-9AA4-36A5AFA10265}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{94AE26A3-E0BC-4695-B294-485E992AAC4C}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{95909CB7-6F14-4836-B905-2F4A502E3B52}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe |
"{9590DD21-4369-43EA-BA57-C9C8D52698EF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{9860FF95-A279-4B76-8F68-1DD1C70FD7D3}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{98752FEF-C47B-4CCD-921A-AE86E2F60078}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{98759FD1-B320-4A67-B4BC-B47C77516A0F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{9ABBDD33-5788-43CE-859E-2310B8045C46}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{9B2B13EE-8125-47AF-961A-EF6B3888501D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{9BCA5880-F3A7-4876-84EF-44F71684908B}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{9D7F5179-E476-4469-9D87-D7B856D975DA}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{9E0139C6-C7B8-41BC-828C-F8F494098394}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{9E648E65-E120-40A5-9B06-2D8E68CD03A9}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{A01ECF2C-6EB5-49BB-810C-778259C84683}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{A149A32E-FDB9-4AD7-ACF4-F0D9E9EC0E5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{A40224CA-455E-40BD-A0A6-5FABF2C017DC}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{A75712C7-2FE0-48B1-BF1D-916F80486E8A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{A75AE586-3101-4C5A-BCC3-88D573DEEB30}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe |
"{A7F3FDC0-F85F-4609-B705-07CEDF90F0C0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{ABF4BA11-E7C5-47A8-B226-BC18C8E4EC2F}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{AC3789E2-B64C-4C7B-A9E7-22353B71A5B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{AF893DCC-DFD2-4105-AF7B-3AE61A1D9E16}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B03D9A30-B001-4D81-9621-BB5D2464E0A2}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B059A1D0-841B-45FD-BC92-2D8788F80ABC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{B23495A3-20F1-4947-AAC0-1A9EE082808E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B4B23870-8A2D-42B0-A192-B8DB03EA8CC6}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{B5F4D56F-5586-4B3C-8A2F-1C4CA60431A5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{B6CB767B-0B53-4C06-9310-476F53C43AC0}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{B7474119-FCB1-4108-BD98-FFF0FEF713CA}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{B8A8190B-244F-4581-A1DC-7D75719B201D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{B96948B7-CDD9-4263-BBB7-40994DEA9DE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB83836B-B1EE-4973-99B8-BB29EAF36D55}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{BB89B64E-A7CE-437F-BEEA-9A62F75AC077}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{BD725EC0-B099-4416-A123-05C49AE73BD4}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe |
"{BF0836B0-5E2B-4E17-B8C2-51BCFD4814BA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C08ED4D7-E618-496E-8D58-024307979CF8}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{C1D34B8D-73EE-4062-B841-DDB59154DF91}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{C33DE3E0-CCE1-4329-8963-44DEC190AE76}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{C465D39C-8274-46BF-A0A4-49B65999E19E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C544418F-6B3E-43DA-9853-18E94494E489}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{C5A0ADCD-DE16-4260-A25A-56FBE6D5F808}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{C6CE6461-67E9-4955-B745-D83549923F59}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{CB03B5B8-6C81-4077-A830-5485DCFDCCA0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{CB7052E5-63FC-44B0-97D7-16924EB4AD1E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{CBC842D1-D463-4EFB-8418-5289BE76D900}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{CDE1B8AD-83AC-43E1-A862-37D312466B6E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{D00D8DA5-A1EB-4EE7-98D3-A2E81FA06E26}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{D02C3541-1347-4585-9365-A25B52B992A2}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{D0E9679C-8CEC-421D-B630-7E452EDAF832}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{D1DA5A6C-850E-4D1D-B9B5-67E324998475}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe |
"{D65E6638-CE54-4A35-A9E5-F5BF4EC6A16B}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{D7D81AC0-0E77-4FED-8ACC-B6424A76DE3F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{D9DDC9BA-A451-4F92-B16F-13F336B14E00}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{DBFA37E5-AB54-42E9-9C04-6D6C707232B9}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe |
"{DDE1042F-E2E3-490B-AD53-2B3143ED7FBA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{DE4DC1E3-3BAB-47B5-A90E-45E33E79CE4C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{DE5E40D3-6A0A-476E-9072-D569D9DDCCE1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{DF32189A-5A69-41BF-9478-2FF81478DA22}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{E30D34A4-E318-451B-9763-19D674B1E9BF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{E3EAD317-82FD-41F5-A2DD-3105A745B281}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{E4304B34-9919-4242-A615-9DEFF1C68C9F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{E5BC3FF5-B21D-404E-B983-99551F6F424D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{E609DCF5-C9B8-4F52-A60C-452BDFCC5801}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{E62AB2D1-7A15-4C66-ADFA-DEBA61D034FB}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{E65828D4-BC3E-409D-9253-5FEB579C3DBB}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{E6CDFDF9-0FDD-466A-B1C8-FDB0E71783E5}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{E84B5AFD-1921-4E63-B8FC-D8740F264504}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{E987D4B4-69D0-476F-BF37-841FEF3D4F9F}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{EB0FB0A2-3238-4516-B99F-C533D806FE95}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{EB2C5D25-E833-4AC4-B74F-293A27604BC1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{F07DE054-6EA8-42A9-8311-3541B1356141}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F1CB8274-8A6C-4880-9A89-B4C05C212037}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{F404B47A-A93F-4F31-BBB0-0470FF310C6E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{F5733C78-083B-4701-9BAF-F47B5F6C2B8D}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{FA874A27-E0A5-4A24-9335-8FC3CDF41240}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{FB146B47-BDFD-41FF-B230-05F3E4915EEA}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{FBE0209E-5168-46C5-84ED-5367CD0F4C4F}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{FCEDC74C-F1E6-4A61-AE40-7A83BA8BCC2C}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{FCFD3B51-4C3F-4D34-A3B9-2F60C2D53864}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{FDA6EFF5-347F-45E8-B5A2-84A75C14935F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{FE59C9D3-4FE2-40AB-B1CD-F064C07CB6AB}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{FEB65B46-D8BC-47EA-8C34-9A9558DFB646}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe |
"TCP Query User{12EAB352-5EF8-4D76-957C-31EEB5FD08F3}C:\program files\common files\sagem sa\dgipsvr.exe" = protocol=6 | dir=in | app=c:\program files\common files\sagem sa\dgipsvr.exe |
"TCP Query User{214CF1CF-2061-4837-8B2F-4583A1BA035B}C:\app\ddc\opt\apache\bin\httpd_ddc.exe" = protocol=6 | dir=in | app=c:\app\ddc\opt\apache\bin\httpd_ddc.exe |
"TCP Query User{30CD23F7-BD3D-4D12-953C-308A6BF11454}C:\app\ediag\importedj9\jre\bin\j9w.exe" = protocol=6 | dir=in | app=c:\app\ediag\importedj9\jre\bin\j9w.exe |
"TCP Query User{39818C47-F78B-4219-B537-16C24891C129}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{44DA5E1D-EF7C-4266-AA9B-FB918104DA2E}C:\program files\odeon\jaf\jcop.exe" = protocol=6 | dir=in | app=c:\program files\odeon\jaf\jcop.exe |
"TCP Query User{483D52FF-E5F9-4003-AE6E-CEDF4A3438F1}C:\awroot\bin\common\rsvr\awrsrv.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rsvr\awrsrv.exe |
"TCP Query User{6D709FE4-92FB-487C-9DEE-0BDAC4F74359}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{6DD1765F-1B6C-4680-8009-0036460550B0}C:\awroot\bin\mmi\diagnostic.exe" = protocol=6 | dir=in | app=c:\awroot\bin\mmi\diagnostic.exe |
"TCP Query User{79AD23A4-902A-4BFE-A72E-8717F05F4D8B}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{7EF29CA2-9609-45CD-BEAA-2739B3149FB2}C:\awroot\bin\fi\awfinterpreter_vc80.exe" = protocol=6 | dir=in | app=c:\awroot\bin\fi\awfinterpreter_vc80.exe |
"TCP Query User{7FEAC101-A9DC-43C1-BA0C-9F5A358696F5}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{8F17E90F-5751-403A-ACC1-9AD7779821BA}C:\program files\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\@bios\gwflash.exe |
"TCP Query User{9782E354-CF26-4A12-84EE-08FB16DAAB61}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{97E67568-9758-48E0-85B3-54D15B72C244}C:\program files\common files\nokia\fuse\fuseservice.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\fuse\fuseservice.exe |
"TCP Query User{9FE8977B-5C4E-425D-9D59-D1A4CDF130A4}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{A7512891-A319-41C0-9A8C-5B77AA4D7343}C:\program files\common files\nokia\fuse\fuse.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\fuse\fuse.exe |
"TCP Query User{A86CA93E-085B-4D3F-BDAF-069CA9383DBC}C:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe |
"TCP Query User{B3D635BE-1B5F-4B94-85C3-7C911B2A0FC5}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{BF069E7B-E6F1-4A9F-AC89-A23F4866F1E8}C:\awroot\bin\common\mcc\mccomm.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\mcc\mccomm.exe |
"TCP Query User{C1D040B0-E0A7-4552-9523-11A2BCD5ED53}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C6EE0D74-DB8F-487C-8FF3-8150C213DDE2}C:\awroot\bin\common\rcmd\awrcmd.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rcmd\awrcmd.exe |
"TCP Query User{C6F97BA5-8253-4B1E-96FC-5185907113DD}C:\awroot\bin\common\rasrv\awacsserver.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rasrv\awacsserver.exe |
"TCP Query User{CD823CEF-C155-4803-9BDF-D78BC6206F2A}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{D0434064-E5A5-48EF-9BEB-731322E3E005}C:\program files\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012\qip.exe |
"TCP Query User{D2D85A17-C7B2-4073-B8BB-49195B6CAE18}C:\program files\nokia\phoenix\phoenix.exe" = protocol=6 | dir=in | app=c:\program files\nokia\phoenix\phoenix.exe |
"TCP Query User{DFA23F48-BBDB-4FCD-8A60-E50677FE10EC}C:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe" = protocol=6 | dir=in | app=c:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe |
"UDP Query User{13720F5C-8B8F-4AE1-91D1-11402EF67A1C}C:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe" = protocol=17 | dir=in | app=c:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe |
"UDP Query User{2A26CB5D-928B-429A-8C17-B6A8F5C05E9D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{316E5CD2-0A74-4C6B-A982-A42A7C77EAC6}C:\program files\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{31CBCE2C-F026-495C-9F55-08FC22E9114E}C:\program files\odeon\jaf\jcop.exe" = protocol=17 | dir=in | app=c:\program files\odeon\jaf\jcop.exe |
"UDP Query User{31F12847-069E-4465-B702-E7C2D133C591}C:\program files\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\@bios\gwflash.exe |
"UDP Query User{3C35A2C5-2546-40BB-8448-56C447BD80C7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{3C897DA3-3B42-4393-88F9-01CAF5D14F6D}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{5A369F97-2D32-4C88-B58B-F739561A75D8}C:\awroot\bin\common\rasrv\awacsserver.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rasrv\awacsserver.exe |
"UDP Query User{5A641279-2ECE-4B47-B3DA-7ACEB9F33E5B}C:\awroot\bin\fi\awfinterpreter_vc80.exe" = protocol=17 | dir=in | app=c:\awroot\bin\fi\awfinterpreter_vc80.exe |
"UDP Query User{5CB92890-C419-49FC-B8E7-1AB6975D78D2}C:\program files\common files\nokia\fuse\fuseservice.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\fuse\fuseservice.exe |
"UDP Query User{75DE8DED-665D-4861-9836-F6B20BDCD0B7}C:\app\ediag\importedj9\jre\bin\j9w.exe" = protocol=17 | dir=in | app=c:\app\ediag\importedj9\jre\bin\j9w.exe |
"UDP Query User{7F60F256-D378-4A52-B5C4-A94D5FC2C3E1}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{89D55421-505E-41BC-9BD6-5089745B8754}C:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe |
"UDP Query User{96788B56-1465-453C-8529-7893A7CAD1CD}C:\program files\common files\nokia\fuse\fuse.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\fuse\fuse.exe |
"UDP Query User{9B9825C2-0CFB-4FA8-8D60-8DE425069A8E}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{9CEAE2A3-2074-4367-A5A9-8C540DD7F171}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{9F0355B6-93DD-459E-84AD-DEEC15170755}C:\awroot\bin\common\rsvr\awrsrv.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rsvr\awrsrv.exe |
"UDP Query User{A6FA8246-9024-4D9D-BF3E-5C71E204A4DB}C:\app\ddc\opt\apache\bin\httpd_ddc.exe" = protocol=17 | dir=in | app=c:\app\ddc\opt\apache\bin\httpd_ddc.exe |
"UDP Query User{A9EE5C18-D605-45FD-9DB9-AF3AC2C14D8D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{B17B987F-4730-4737-A24D-9432D5E20425}C:\awroot\bin\mmi\diagnostic.exe" = protocol=17 | dir=in | app=c:\awroot\bin\mmi\diagnostic.exe |
"UDP Query User{B4EE686B-4EC5-47D0-9ED6-C98FA4B7136C}C:\program files\nokia\phoenix\phoenix.exe" = protocol=17 | dir=in | app=c:\program files\nokia\phoenix\phoenix.exe |
"UDP Query User{B824B876-9E15-4CED-9E51-7AD029961FB7}C:\program files\common files\sagem sa\dgipsvr.exe" = protocol=17 | dir=in | app=c:\program files\common files\sagem sa\dgipsvr.exe |
"UDP Query User{BBD0A0BF-AE6D-4FCE-AEB4-159797639707}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{C2A6C034-E497-4284-9401-67332D55C502}C:\awroot\bin\common\rcmd\awrcmd.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rcmd\awrcmd.exe |
"UDP Query User{D25AE6D2-949D-4196-88E6-1F3ED52764A5}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{EB405A2A-CCA8-49DB-AF9C-8A7C81A4927B}C:\awroot\bin\common\mcc\mccomm.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\mcc\mccomm.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{847CAE64-4CD2-4B2D-AF00-978FF5431029}" = Nero 7 Ultra Edition
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3FBBD965-83C1-4197-B0E4-44162113C004}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9F53AAB3-B989-4731-8635-C8F4F1050A8C}" = Adobe Setup
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.06
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED95B55C-4759-4242-85DE-EAD1DA7AB090}" = Adobe Dreamweaver CS3
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_f5bcf5cb0764c8ca8bbd659a1bf2b83" = Adobe Dreamweaver CS3
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 10.12
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"DVDFab Virtual Drive_is1" = DVDFab Virtual Drive verze 1.3.2.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"experience-lge-mon-lite-bundle" = TriDef 3D Games (LG 3D Monitor/TV) 1.5.6
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.9.0 (Full)
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Auta-Galáš
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"TVWiz" = Intel(R) TV Wizard
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7102
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.9.2011 18:00:07 | Computer Name = Marťas-PC | Source = System Restore | ID = 8211
Description =
Error - 18.9.2011 18:30:04 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.9.2011 18:34:06 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 19.9.2011 20:42:11 | Computer Name = Marťas-PC | Source = VSS | ID = 8194
Description =
Error - 20.9.2011 13:12:44 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 20.9.2011 13:17:02 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 21.9.2011 2:27:56 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 21.9.2011 2:32:18 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.9.2011 3:13:28 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.9.2011 3:17:59 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 24.9.2011 3:08:27 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ OSession Events ]
Error - 18.6.2010 2:57:57 | Computer Name = Marťas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 35973
seconds with 3240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25.7.2012 4:37:10 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 4:42:17 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 4:58:42 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:10:56 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:15:52 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:18:39 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 10:09:38 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 14:17:14 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 16:10:14 | Computer Name = Marťas-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 26.7.2012 2:11:16 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
< End of report >
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.07.05 18:34:16 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.07.05 18:34:16 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.07.05 18:34:16 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL Extras logfile created on: 26.7.2012 8:17:39 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Marťas\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,90 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 64,56% Memory free
3,10 Gb Paging File | 2,09 Gb Available in Paging File | 67,41% Paging File free
Paging file location(s): c:\pagefile.sys 200 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,94 Gb Free Space | 59,01% Space Free | Partition Type: NTFS
Drive D: | 4,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARŤAS-PC | User Name: Marťas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 1
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0307ED37-4F64-4556-A95C-77634BA2C0B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03D86E06-C6CC-4FF8-83C0-7B574D120E4F}" = lport=137 | protocol=17 | dir=in | app=system |
"{10675075-897B-49F8-B391-41822FA203D8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1919D819-6640-407C-AD34-7A354AB66C44}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B54887B-C5CF-43D6-B20B-617ACD0D30C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{21A1FDD1-A009-42B6-9015-D0425165645A}" = lport=445 | protocol=6 | dir=in | app=system |
"{278636F9-2173-4F8D-9F37-5DCD1BA954E1}" = rport=138 | protocol=17 | dir=out | app=system |
"{47EE6DD1-185B-4BDD-AC59-D7A19619AB05}" = lport=138 | protocol=17 | dir=in | app=system |
"{50E1B70E-0E68-45A0-8436-263B71E46699}" = lport=139 | protocol=6 | dir=in | app=system |
"{7DA0828B-CB3B-4788-B857-2601C5BD7B52}" = rport=445 | protocol=6 | dir=out | app=system |
"{8478F9CC-C7D4-41CF-97BB-581482394C9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A589557B-5E5F-4E61-B9CE-4242567EDAF9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6388475-61F6-422E-A594-0D88D33E161E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D6008E-0D04-4704-85FC-B3A92556DBD1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{01E42086-C20C-43F3-ABE3-C2CF9126846F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{044396D9-63E5-41AF-9952-B7D2D61BA5F9}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{06E79590-6543-4E04-A7F7-5648C95780EA}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{06FE4264-A803-406C-95A4-A8254D3DFCA7}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{08AB8CCE-75BB-48B9-AC5F-943963B64EFF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{0B3BC44C-5CEC-4E77-ADE2-14C75FCD6D09}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{0E812F3C-B85A-4BF6-A8E5-00F1A7C36A06}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{11135E63-3E43-4EC3-AB8A-235B2302C8AC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{1143FFD4-1414-4F4F-8001-B896E7DAADBA}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{13C449D2-C69A-48C3-A9B0-981A0A8F839C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{13F72A2E-8E44-40A0-B25E-DEF1BD2664CC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{144C1C97-2E08-40E7-B968-71E286B47D4D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{15A02B87-40AB-4ECC-BCC7-B474C7E60778}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{19870F7F-FB1C-4A9B-8DE9-6A2D5E868DAF}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{19E9DA39-4CD0-496A-BAC4-157508E4A1F1}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{1AD458B7-E7DB-4848-98D5-AE2422C0DEF0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{1D12A147-FD60-444B-A9D9-3FE65CA6EDB3}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe |
"{1E363EFF-F28D-4C66-B07F-44DA08CFCF5D}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{1E78E2D2-CBBD-4A5E-9D47-96662D385BDD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1FA4F15D-D83D-4579-9FEA-C2EDEE91952D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{21E44611-7B90-4C51-97C8-8AD3E90F78F8}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{225F6229-40F8-4794-BFCB-3BE6ECD8592C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{2555807D-D890-48DE-BD39-3AFEDB906646}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{26942961-06C2-48B1-ACB4-EF4A2574AC29}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{290A4AC5-7A94-418B-9D68-9BF5F5A08E8B}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\moviemodule.exe |
"{297FFD27-6A25-4581-A984-AB480E33BA26}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{29BDEF04-D90F-4BF7-A049-CE8DAF105501}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{2CE81183-DF4C-4C70-955B-3A7F9803A64F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{2EC2DC4D-EAE9-4D2A-AB81-0D6CB45FA6FD}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{2ED48007-66F9-4BE2-8CF8-A54EE3E959B0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{305AC034-8D3A-4815-9A90-48D9137CAD1A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{30E02DD0-0E69-4735-B3DD-5516D0FA56A3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{3188E066-E4C2-4323-8314-8B461A2F0A60}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{346AE40A-9B67-40F0-B785-6D879A46ABDE}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{375128DF-7C9B-43A4-A547-F33CEFAC8985}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{37C840D7-94E0-4DB9-B6D7-A54FEC3B68A3}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{39980352-637E-42F2-8217-B853BAA949C2}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{3BE30F71-58B1-48A3-99C5-7E17D8459D3C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{3CD45833-F10A-4C88-872E-B741F4C40F5F}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3EDBD2F0-9891-43F3-AF3A-B1C574868BAB}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{3F030A11-190B-4E3A-BDD7-44E6597D50F9}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{4078AE27-AA7E-402A-AAB6-B87BA9AEC67A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{43B2969E-0D97-4E4F-80C8-DB60D17DF412}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{43CBBCEC-D25E-4B84-A5C5-516394B76DF9}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{46365FE9-BD8D-4D1F-888E-BB21CA16D55E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{46E1ADFD-DE51-4E38-A863-7053ECC5726B}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{46E921C9-8D0D-415C-9199-5CAA7A8F7EE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47099C62-7DFD-477A-9A81-AE0B5450CE93}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4721A381-6587-49F0-9884-532D0935F9BF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{479ADE80-362E-4CC7-996E-D0FBC45CB967}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe |
"{4B7C7671-CD4E-4681-BA9E-7FCF2F76DD96}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{4C8131F3-4B0F-4AA2-99BA-D6301C8D5886}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{4DDC4652-5181-4051-90EB-23A0110487A4}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{4F3CB78C-EE72-4710-ACBF-0E9E62A42DC0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{5636741F-9856-4C91-B084-CF93D279F054}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{56FCFCCD-D2C5-4CEC-A30B-52F17B347940}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{57ECF615-D67E-460D-A8D8-DA32C4973E12}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{59A10444-D371-44C7-BBB7-3389D35B1E1A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{5A1716C1-8061-4539-8CEB-B8F9F13793F6}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{5CACC7A3-A3AC-4A9E-8DF0-1B1731EFB3C4}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{5D031946-13F0-4DC1-96F5-967BDDD93763}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{5E26C5F4-BBE3-49EF-A8A4-19C499ADE43A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{5E7EC231-56D1-44CF-9001-7A8B46D58101}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{6278AF6E-5CD5-4B58-9AC3-6D13745B5A92}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{63A9C9AB-FBE8-4718-A7BB-F1F6A49F1B6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{64B81F33-C1FC-4031-BFBD-0CEE515FDAE5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{64C18431-7167-462C-8EC0-FEFB0268660D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{652A9610-7882-4913-9E88-C7C15EDF44F1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{652C6A0B-329A-4092-97BB-D5E891BEE467}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{66F787A4-DD9F-43C1-9A3D-C9A52AAE639A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{67B6A133-CF2D-45B0-BFDC-90BCDD18E49A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{695B6C03-3B68-4A6F-8AB4-C9F61656CDD1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe |
"{6A5A1673-F4BA-4C2C-A504-236B5A8E7EBC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{6C2FA92B-1AE9-4626-84E2-FD38D04FA2B0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{6C9F2897-FAF9-44F5-AFFC-3CA5B53EC75E}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{6D9545AC-3306-426D-8625-E821FC2512DF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{6DF560C8-AD94-4513-9C50-519F439D3BB5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{71AB0539-3CB8-41A9-923C-C48D71C19F0D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{736E80F8-FE05-474D-AFD2-29DD1DED746F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75028F24-AC2B-4F2A-9633-5D2A83EBA61F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{75D06E3C-95CE-4C97-9FCB-ED90429BA68A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{76DE3194-FC11-4C9C-B0A0-F5F770CAB130}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{774E66B0-D73E-4AAA-B7A9-2EF8F53D2887}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{77B928B5-5195-4A82-BA77-D22E9D0DE319}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{7AEA4C1F-B206-4BCB-940E-6E2FD5F169DF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{7C621FD2-292D-4AE6-B2C8-2EA025BD61C3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{7D979024-5CAB-4B47-B094-14F7543EDDF0}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{811C26F0-9F72-4650-8C87-6D97E0A3E325}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{819F42BA-90E7-47C0-B711-B8FDD347DE2E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c412.exe |
"{888FF717-566C-4AFB-9399-B155684AF9C8}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{889DDD90-D028-49D6-A57C-4BF818DC028A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F254A88-8C7C-41CE-94A6-904FDBE7A53A}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{919D1F0B-114E-4F4D-AF17-0209A53AED81}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{92C272CE-3705-4EEC-A34E-602F296970FB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe |
"{9355661D-9949-438D-9AA4-36A5AFA10265}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{94AE26A3-E0BC-4695-B294-485E992AAC4C}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{95909CB7-6F14-4836-B905-2F4A502E3B52}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\autopatcher.exe |
"{9590DD21-4369-43EA-BA57-C9C8D52698EF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{9860FF95-A279-4B76-8F68-1DD1C70FD7D3}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{98752FEF-C47B-4CCD-921A-AE86E2F60078}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{98759FD1-B320-4A67-B4BC-B47C77516A0F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{9ABBDD33-5788-43CE-859E-2310B8045C46}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\testman.exe |
"{9B2B13EE-8125-47AF-961A-EF6B3888501D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{9BCA5880-F3A7-4876-84EF-44F71684908B}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{9D7F5179-E476-4469-9D87-D7B856D975DA}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{9E0139C6-C7B8-41BC-828C-F8F494098394}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{9E648E65-E120-40A5-9B06-2D8E68CD03A9}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{A01ECF2C-6EB5-49BB-810C-778259C84683}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{A149A32E-FDB9-4AD7-ACF4-F0D9E9EC0E5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{A40224CA-455E-40BD-A0A6-5FABF2C017DC}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{A75712C7-2FE0-48B1-BF1D-916F80486E8A}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\tabman.exe |
"{A75AE586-3101-4C5A-BCC3-88D573DEEB30}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe |
"{A7F3FDC0-F85F-4609-B705-07CEDF90F0C0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{ABF4BA11-E7C5-47A8-B226-BC18C8E4EC2F}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{AC3789E2-B64C-4C7B-A9E7-22353B71A5B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{AF893DCC-DFD2-4105-AF7B-3AE61A1D9E16}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B03D9A30-B001-4D81-9621-BB5D2464E0A2}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B059A1D0-841B-45FD-BC92-2D8788F80ABC}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{B23495A3-20F1-4947-AAC0-1A9EE082808E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{B4B23870-8A2D-42B0-A192-B8DB03EA8CC6}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{B5F4D56F-5586-4B3C-8A2F-1C4CA60431A5}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\syspage.exe |
"{B6CB767B-0B53-4C06-9310-476F53C43AC0}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{B7474119-FCB1-4108-BD98-FFF0FEF713CA}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c413.exe |
"{B8A8190B-244F-4581-A1DC-7D75719B201D}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{B96948B7-CDD9-4263-BBB7-40994DEA9DE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB83836B-B1EE-4973-99B8-BB29EAF36D55}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{BB89B64E-A7CE-437F-BEEA-9A62F75AC077}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{BD725EC0-B099-4416-A123-05C49AE73BD4}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe |
"{BF0836B0-5E2B-4E17-B8C2-51BCFD4814BA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C08ED4D7-E618-496E-8D58-024307979CF8}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{C1D34B8D-73EE-4062-B841-DDB59154DF91}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{C33DE3E0-CCE1-4329-8963-44DEC190AE76}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{C465D39C-8274-46BF-A0A4-49B65999E19E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C544418F-6B3E-43DA-9853-18E94494E489}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{C5A0ADCD-DE16-4260-A25A-56FBE6D5F808}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{C6CE6461-67E9-4955-B745-D83549923F59}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\codeserved.exe |
"{CB03B5B8-6C81-4077-A830-5485DCFDCCA0}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{CB7052E5-63FC-44B0-97D7-16924EB4AD1E}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\ptchapply.exe |
"{CBC842D1-D463-4EFB-8418-5289BE76D900}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{CDE1B8AD-83AC-43E1-A862-37D312466B6E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{D00D8DA5-A1EB-4EE7-98D3-A2E81FA06E26}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\tdsnetconfig.exe |
"{D02C3541-1347-4585-9365-A25B52B992A2}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c402.exe |
"{D0E9679C-8CEC-421D-B630-7E452EDAF832}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{D1DA5A6C-850E-4D1D-B9B5-67E324998475}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\anno5.exe |
"{D65E6638-CE54-4A35-A9E5-F5BF4EC6A16B}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{D7D81AC0-0E77-4FED-8ACC-B6424A76DE3F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{D9DDC9BA-A451-4F92-B16F-13F336B14E00}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c403.exe |
"{DBFA37E5-AB54-42E9-9C04-6D6C707232B9}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 2070\initengine.exe |
"{DDE1042F-E2E3-490B-AD53-2B3143ED7FBA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{DE4DC1E3-3BAB-47B5-A90E-45E33E79CE4C}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{DE5E40D3-6A0A-476E-9072-D569D9DDCCE1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{DF32189A-5A69-41BF-9478-2FF81478DA22}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{E30D34A4-E318-451B-9763-19D674B1E9BF}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{E3EAD317-82FD-41F5-A2DD-3105A745B281}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{E4304B34-9919-4242-A615-9DEFF1C68C9F}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\starburst.exe |
"{E5BC3FF5-B21D-404E-B983-99551F6F424D}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{E609DCF5-C9B8-4F52-A60C-452BDFCC5801}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{E62AB2D1-7A15-4C66-ADFA-DEBA61D034FB}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{E65828D4-BC3E-409D-9253-5FEB579C3DBB}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{E6CDFDF9-0FDD-466A-B1C8-FDB0E71783E5}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probes\c407.exe |
"{E84B5AFD-1921-4E63-B8FC-D8740F264504}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{E987D4B4-69D0-476F-BF37-841FEF3D4F9F}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\lvpcheck.exe |
"{EB0FB0A2-3238-4516-B99F-C533D806FE95}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{EB2C5D25-E833-4AC4-B74F-293A27604BC1}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\xmlregistryd.exe |
"{F07DE054-6EA8-42A9-8311-3541B1356141}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F1CB8274-8A6C-4880-9A89-B4C05C212037}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{F404B47A-A93F-4F31-BBB0-0470FF310C6E}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vmm.exe |
"{F5733C78-083B-4701-9BAF-F47B5F6C2B8D}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{FA874A27-E0A5-4A24-9335-8FC3CDF41240}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\vcl_pc.exe |
"{FB146B47-BDFD-41FF-B230-05F3E4915EEA}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\probetickhandler.exe |
"{FBE0209E-5168-46C5-84ED-5367CD0F4C4F}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\systemdiagnostic.exe |
"{FCEDC74C-F1E6-4A61-AE40-7A83BA8BCC2C}" = protocol=17 | dir=in | app=c:\program files\ford motor company\ids\runtime\networkactivation.exe |
"{FCFD3B51-4C3F-4D34-A3B9-2F60C2D53864}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\rtdb.exe |
"{FDA6EFF5-347F-45E8-B5A2-84A75C14935F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{FE59C9D3-4FE2-40AB-B1CD-F064C07CB6AB}" = protocol=6 | dir=in | app=c:\program files\ford motor company\ids\runtime\engineeringfeedback.exe |
"{FEB65B46-D8BC-47EA-8C34-9A9558DFB646}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe |
"TCP Query User{12EAB352-5EF8-4D76-957C-31EEB5FD08F3}C:\program files\common files\sagem sa\dgipsvr.exe" = protocol=6 | dir=in | app=c:\program files\common files\sagem sa\dgipsvr.exe |
"TCP Query User{214CF1CF-2061-4837-8B2F-4583A1BA035B}C:\app\ddc\opt\apache\bin\httpd_ddc.exe" = protocol=6 | dir=in | app=c:\app\ddc\opt\apache\bin\httpd_ddc.exe |
"TCP Query User{30CD23F7-BD3D-4D12-953C-308A6BF11454}C:\app\ediag\importedj9\jre\bin\j9w.exe" = protocol=6 | dir=in | app=c:\app\ediag\importedj9\jre\bin\j9w.exe |
"TCP Query User{39818C47-F78B-4219-B537-16C24891C129}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{44DA5E1D-EF7C-4266-AA9B-FB918104DA2E}C:\program files\odeon\jaf\jcop.exe" = protocol=6 | dir=in | app=c:\program files\odeon\jaf\jcop.exe |
"TCP Query User{483D52FF-E5F9-4003-AE6E-CEDF4A3438F1}C:\awroot\bin\common\rsvr\awrsrv.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rsvr\awrsrv.exe |
"TCP Query User{6D709FE4-92FB-487C-9DEE-0BDAC4F74359}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{6DD1765F-1B6C-4680-8009-0036460550B0}C:\awroot\bin\mmi\diagnostic.exe" = protocol=6 | dir=in | app=c:\awroot\bin\mmi\diagnostic.exe |
"TCP Query User{79AD23A4-902A-4BFE-A72E-8717F05F4D8B}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{7EF29CA2-9609-45CD-BEAA-2739B3149FB2}C:\awroot\bin\fi\awfinterpreter_vc80.exe" = protocol=6 | dir=in | app=c:\awroot\bin\fi\awfinterpreter_vc80.exe |
"TCP Query User{7FEAC101-A9DC-43C1-BA0C-9F5A358696F5}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{8F17E90F-5751-403A-ACC1-9AD7779821BA}C:\program files\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\@bios\gwflash.exe |
"TCP Query User{9782E354-CF26-4A12-84EE-08FB16DAAB61}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{97E67568-9758-48E0-85B3-54D15B72C244}C:\program files\common files\nokia\fuse\fuseservice.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\fuse\fuseservice.exe |
"TCP Query User{9FE8977B-5C4E-425D-9D59-D1A4CDF130A4}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{A7512891-A319-41C0-9A8C-5B77AA4D7343}C:\program files\common files\nokia\fuse\fuse.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\fuse\fuse.exe |
"TCP Query User{A86CA93E-085B-4D3F-BDAF-069CA9383DBC}C:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe |
"TCP Query User{B3D635BE-1B5F-4B94-85C3-7C911B2A0FC5}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{BF069E7B-E6F1-4A9F-AC89-A23F4866F1E8}C:\awroot\bin\common\mcc\mccomm.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\mcc\mccomm.exe |
"TCP Query User{C1D040B0-E0A7-4552-9523-11A2BCD5ED53}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C6EE0D74-DB8F-487C-8FF3-8150C213DDE2}C:\awroot\bin\common\rcmd\awrcmd.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rcmd\awrcmd.exe |
"TCP Query User{C6F97BA5-8253-4B1E-96FC-5185907113DD}C:\awroot\bin\common\rasrv\awacsserver.exe" = protocol=6 | dir=in | app=c:\awroot\bin\common\rasrv\awacsserver.exe |
"TCP Query User{CD823CEF-C155-4803-9BDF-D78BC6206F2A}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{D0434064-E5A5-48EF-9BEB-731322E3E005}C:\program files\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012\qip.exe |
"TCP Query User{D2D85A17-C7B2-4073-B8BB-49195B6CAE18}C:\program files\nokia\phoenix\phoenix.exe" = protocol=6 | dir=in | app=c:\program files\nokia\phoenix\phoenix.exe |
"TCP Query User{DFA23F48-BBDB-4FCD-8A60-E50677FE10EC}C:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe" = protocol=6 | dir=in | app=c:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe |
"UDP Query User{13720F5C-8B8F-4AE1-91D1-11402EF67A1C}C:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe" = protocol=17 | dir=in | app=c:\users\marťas\appdata\local\temp\rarsfx0\pack\keygen\keygen.exe |
"UDP Query User{2A26CB5D-928B-429A-8C17-B6A8F5C05E9D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{316E5CD2-0A74-4C6B-A982-A42A7C77EAC6}C:\program files\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{31CBCE2C-F026-495C-9F55-08FC22E9114E}C:\program files\odeon\jaf\jcop.exe" = protocol=17 | dir=in | app=c:\program files\odeon\jaf\jcop.exe |
"UDP Query User{31F12847-069E-4465-B702-E7C2D133C591}C:\program files\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\@bios\gwflash.exe |
"UDP Query User{3C35A2C5-2546-40BB-8448-56C447BD80C7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{3C897DA3-3B42-4393-88F9-01CAF5D14F6D}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{5A369F97-2D32-4C88-B58B-F739561A75D8}C:\awroot\bin\common\rasrv\awacsserver.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rasrv\awacsserver.exe |
"UDP Query User{5A641279-2ECE-4B47-B3DA-7ACEB9F33E5B}C:\awroot\bin\fi\awfinterpreter_vc80.exe" = protocol=17 | dir=in | app=c:\awroot\bin\fi\awfinterpreter_vc80.exe |
"UDP Query User{5CB92890-C419-49FC-B8E7-1AB6975D78D2}C:\program files\common files\nokia\fuse\fuseservice.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\fuse\fuseservice.exe |
"UDP Query User{75DE8DED-665D-4861-9836-F6B20BDCD0B7}C:\app\ediag\importedj9\jre\bin\j9w.exe" = protocol=17 | dir=in | app=c:\app\ediag\importedj9\jre\bin\j9w.exe |
"UDP Query User{7F60F256-D378-4A52-B5C4-A94D5FC2C3E1}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{89D55421-505E-41BC-9BD6-5089745B8754}C:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\users\marťas\downloads\stronghold.3-3dm\stronghold.3-3dm\stronghold3\bin\win32_release\stronghold3.exe |
"UDP Query User{96788B56-1465-453C-8529-7893A7CAD1CD}C:\program files\common files\nokia\fuse\fuse.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\fuse\fuse.exe |
"UDP Query User{9B9825C2-0CFB-4FA8-8D60-8DE425069A8E}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{9CEAE2A3-2074-4367-A5A9-8C540DD7F171}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{9F0355B6-93DD-459E-84AD-DEEC15170755}C:\awroot\bin\common\rsvr\awrsrv.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rsvr\awrsrv.exe |
"UDP Query User{A6FA8246-9024-4D9D-BF3E-5C71E204A4DB}C:\app\ddc\opt\apache\bin\httpd_ddc.exe" = protocol=17 | dir=in | app=c:\app\ddc\opt\apache\bin\httpd_ddc.exe |
"UDP Query User{A9EE5C18-D605-45FD-9DB9-AF3AC2C14D8D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{B17B987F-4730-4737-A24D-9432D5E20425}C:\awroot\bin\mmi\diagnostic.exe" = protocol=17 | dir=in | app=c:\awroot\bin\mmi\diagnostic.exe |
"UDP Query User{B4EE686B-4EC5-47D0-9ED6-C98FA4B7136C}C:\program files\nokia\phoenix\phoenix.exe" = protocol=17 | dir=in | app=c:\program files\nokia\phoenix\phoenix.exe |
"UDP Query User{B824B876-9E15-4CED-9E51-7AD029961FB7}C:\program files\common files\sagem sa\dgipsvr.exe" = protocol=17 | dir=in | app=c:\program files\common files\sagem sa\dgipsvr.exe |
"UDP Query User{BBD0A0BF-AE6D-4FCE-AEB4-159797639707}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{C2A6C034-E497-4284-9401-67332D55C502}C:\awroot\bin\common\rcmd\awrcmd.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\rcmd\awrcmd.exe |
"UDP Query User{D25AE6D2-949D-4196-88E6-1F3ED52764A5}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{EB405A2A-CCA8-49DB-AF9C-8A7C81A4927B}C:\awroot\bin\common\mcc\mccomm.exe" = protocol=17 | dir=in | app=c:\awroot\bin\common\mcc\mccomm.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{847CAE64-4CD2-4B2D-AF00-978FF5431029}" = Nero 7 Ultra Edition
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3FBBD965-83C1-4197-B0E4-44162113C004}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9F53AAB3-B989-4731-8635-C8F4F1050A8C}" = Adobe Setup
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.06
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED95B55C-4759-4242-85DE-EAD1DA7AB090}" = Adobe Dreamweaver CS3
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_f5bcf5cb0764c8ca8bbd659a1bf2b83" = Adobe Dreamweaver CS3
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 10.12
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"DVDFab Virtual Drive_is1" = DVDFab Virtual Drive verze 1.3.2.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"experience-lge-mon-lite-bundle" = TriDef 3D Games (LG 3D Monitor/TV) 1.5.6
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.9.0 (Full)
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Auta-Galáš
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"TVWiz" = Intel(R) TV Wizard
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2012" = QIP 2012 4.0.7102
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.9.2011 18:00:07 | Computer Name = Marťas-PC | Source = System Restore | ID = 8211
Description =
Error - 18.9.2011 18:30:04 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 18.9.2011 18:34:06 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 19.9.2011 20:42:11 | Computer Name = Marťas-PC | Source = VSS | ID = 8194
Description =
Error - 20.9.2011 13:12:44 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 20.9.2011 13:17:02 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 21.9.2011 2:27:56 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 21.9.2011 2:32:18 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.9.2011 3:13:28 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.9.2011 3:17:59 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 24.9.2011 3:08:27 | Computer Name = Marťas-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Research
In Motion\AppLoader\MailServerMAPIProxy64.exe se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ OSession Events ]
Error - 18.6.2010 2:57:57 | Computer Name = Marťas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 35973
seconds with 3240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25.7.2012 4:37:10 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 4:42:17 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 4:58:42 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:10:56 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:15:52 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 5:18:39 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 10:09:38 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 14:17:14 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 25.7.2012 16:10:14 | Computer Name = Marťas-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 26.7.2012 2:11:16 | Computer Name = Marťas-PC | Source = Service Control Manager | ID = 7000
Description = Služba HDUSB.Sys HDUSB Bulk IO test driver neuspěla při spuštění v
důsledku následující chyby: %%1058
< End of report >
Re: prosím o preventivku
Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/
- C:\PhysicalMBR.bin
- Kliknete na Choose file
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Kliknete na Scan It
- Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
- Vysledek analyzy sem vlozte (jako odkaz)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
obrazovka na mě nevyskočila. tady je odkaz https://www.virustotal.com/file/d30b2a1 ... 343288114/
-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
vypadá to asi čistě ne? a ještě co mě hodně štve je program rsrwin.exe furt je v nabídce po spuštětní. i když jse ho odstranil z registrů a uplně odevšad kde jsem ho našel po restartuje je zase zpátky.
Re: prosím o preventivku
Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu
- Do okna vlozte skript nize
Kód: Vybrat vše
:filefind rsrwin.exe- Kliknete na Look
- Tlacitko Look se zmeni na Scanning a zsedne
- Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
- Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
SystemLook 30.07.11 by jpshortstuff
Log created at 22:50 on 26/07/2012 by Marťas
Administrator - Elevation successful
========== filefind ==========
Searching for "rsrwin.exe"
No files found.
-= EOF =-
Log created at 22:50 on 26/07/2012 by Marťas
Administrator - Elevation successful
========== filefind ==========
Searching for "rsrwin.exe"
No files found.
-= EOF =-
Re: prosím o preventivku
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgvmodem.sys -- (LGVMODEM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtport.sys -- (LgBttPort) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver) IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms} IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms} IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 23 D0 B5 D7 43 FC CA 01 [binary data] IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-892274279-3574375534-938609954-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC O2 - BHO: (no name) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - No CLSID value found. O4 - HKU\.DEFAULT..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found O4 - HKU\S-1-5-18..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found O4 - HKU\S-1-5-19..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found O4 - HKU\S-1-5-20..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found O4 - HKU\S-1-5-21-892274279-3574375534-938609954-1000..\Run: [RSRWin.exe] C:\Windows\RSRWin.exe File not found O13 - gopher Prefix: missing O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O33 - MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\Shell - "" = AutoRun O33 - MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\Shell - "" = AutoRun O33 - MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\Shell - "" = AutoRun O33 - MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\Shell - "" = AutoRun [6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [2012.07.25 21:50:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.07.26 08:11:34 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012.07.26 08:21:05 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job :services gupdate gupdatem :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab Passkey] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy Search Scope Monitor] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy_39 Browser Plugin Loader] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSRWin.exe] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ServeurIPAsde] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] :files C:\Program Files\Ask.com %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
All processes killed
========== OTL ==========
Service VBoxNetFlt stopped successfully!
Service VBoxNetFlt deleted successfully!
File system32\DRIVERS\VBoxNetFlt.sys not found.
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys not found.
Service RimUsb stopped successfully!
Service RimUsb deleted successfully!
File System32\Drivers\RimUsb.sys not found.
Service LGVMODEM stopped successfully!
Service LGVMODEM deleted successfully!
File system32\DRIVERS\lgvmodem.sys not found.
Service lgbusenum stopped successfully!
Service lgbusenum deleted successfully!
File system32\DRIVERS\lgbtbus.sys not found.
Service LgBttPort stopped successfully!
Service LgBttPort deleted successfully!
File system32\DRIVERS\lgbtport.sys not found.
Service gdrv stopped successfully!
Service gdrv deleted successfully!
File C:\Windows\gdrv.sys not found.
Service AODDriver stopped successfully!
Service AODDriver deleted successfully!
File C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0441a0e-a49a-4e16-afc1-74ecced1921f}\ not found.
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7dafd159-9889-11df-90a5-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872517fc-1e52-11e1-8717-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B15.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A8F.tmp\Narrator.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A8F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP905C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF8E.tmp folder deleted successfully.
C:\Windows\Installer\MSI25FA.tmp deleted successfully.
C:\Windows\Installer\MSI6144.tmp deleted successfully.
C:\Windows\Installer\MSI6229.tmp deleted successfully.
C:\Windows\Installer\MSI926.tmp deleted successfully.
C:\Windows\Installer\MSIC6DB.tmp deleted successfully.
C:\Windows\Installer\MSIF670.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab Passkey\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy Search Scope Monitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy_39 Browser Plugin Loader\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSRWin.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ServeurIPAsde\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk\ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Ask.com not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Marťas
->Temp folder emptied: 34802375 bytes
->Temporary Internet Files folder emptied: 11523706 bytes
->Java cache emptied: 5096412 bytes
->FireFox cache emptied: 757749586 bytes
->Flash cache emptied: 6822 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18721 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 772,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Marťas
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Marťas
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.1 log created on 07272012_081030
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
[2012.07.27 08:13:57 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
Registry entries deleted on Reboot...
========== OTL ==========
Service VBoxNetFlt stopped successfully!
Service VBoxNetFlt deleted successfully!
File system32\DRIVERS\VBoxNetFlt.sys not found.
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys not found.
Service RimUsb stopped successfully!
Service RimUsb deleted successfully!
File System32\Drivers\RimUsb.sys not found.
Service LGVMODEM stopped successfully!
Service LGVMODEM deleted successfully!
File system32\DRIVERS\lgvmodem.sys not found.
Service lgbusenum stopped successfully!
Service lgbusenum deleted successfully!
File system32\DRIVERS\lgbtbus.sys not found.
Service LgBttPort stopped successfully!
Service LgBttPort deleted successfully!
File system32\DRIVERS\lgbtport.sys not found.
Service gdrv stopped successfully!
Service gdrv deleted successfully!
File C:\Windows\gdrv.sys not found.
Service AODDriver stopped successfully!
Service AODDriver deleted successfully!
File C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0441a0e-a49a-4e16-afc1-74ecced1921f}\ not found.
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-892274279-3574375534-938609954-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-892274279-3574375534-938609954-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RSRWin.exe deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23ec19a4-5bfb-11e1-950b-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4217567c-1c80-11e0-9b5a-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dafd159-9889-11df-90a5-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7dafd159-9889-11df-90a5-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{872517fc-1e52-11e1-8717-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872517fc-1e52-11e1-8717-6cf0492e15f6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac9772ae-6898-11df-9c19-6cf0492e15f6}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B15.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A8F.tmp\Narrator.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A8F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP905C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF8E.tmp folder deleted successfully.
C:\Windows\Installer\MSI25FA.tmp deleted successfully.
C:\Windows\Installer\MSI6144.tmp deleted successfully.
C:\Windows\Installer\MSI6229.tmp deleted successfully.
C:\Windows\Installer\MSI926.tmp deleted successfully.
C:\Windows\Installer\MSIC6DB.tmp deleted successfully.
C:\Windows\Installer\MSIF670.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab Passkey\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDFab VDrive\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy Search Scope Monitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MapsGalaxy_39 Browser Plugin Loader\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSRWin.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ServeurIPAsde\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk\ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Ask.com not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Marťas
->Temp folder emptied: 34802375 bytes
->Temporary Internet Files folder emptied: 11523706 bytes
->Java cache emptied: 5096412 bytes
->FireFox cache emptied: 757749586 bytes
->Flash cache emptied: 6822 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18721 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 772,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Marťas
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Marťas
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.1 log created on 07272012_081030
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
[2012.07.27 08:13:57 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
Registry entries deleted on Reboot...
Re: prosím o preventivku
Jak se chova nas pacient 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
Pacient je ok. akorát ten rsrwin pořáda nezmizel z registrů.
Re: prosím o preventivku
Odnekud se musi natahovat, jelikoz i OTL jej mazalo 
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
jjeennddaa
- Návštěvník
- Příspěvky: 71
- Registrován: 03 bře 2007 17:58
Re: prosím o preventivku
ComboFix 12-07-27.03 - Marťas 28.07.2012 12:12:40.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2972.1626 [GMT 2:00]
Spuštěný z: c:\users\MarŁas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\2037CFAF9D.sys
c:\windows\iun6002.exe
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\hdusb.sys
c:\windows\system32\muzapp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HDUSB
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-28 do 2012-07-28 )))))))))))))))))))))))))))))))
.
.
2012-07-28 01:39 . 2012-07-28 01:39 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10088737-052A-417B-87BA-1049172930FB}\offreg.dll
2012-07-28 01:38 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10088737-052A-417B-87BA-1049172930FB}\mpengine.dll
2012-07-27 06:10 . 2012-07-27 06:10 -------- d-----w- C:\_OTL
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-27 06:00 . 2012-07-27 06:00 -------- d-----w- c:\users\Marťas\AppData\Local\Apps
2012-07-27 05:56 . 2012-07-27 05:56 -------- d-----w- C:\DriveKey
2012-07-27 05:55 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-07-27 05:55 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-07-27 05:55 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-07-27 05:55 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-07-27 05:55 . 2001-09-05 01:24 610436 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2012-07-26 06:19 . 2012-07-26 06:19 512 ----a-w- C:\PhysicalMBR.bin
2012-07-25 09:09 . 2009-08-03 22:31 3948600 ----a-r- c:\windows\system32\ntkrlStaforce.exe
2012-07-22 09:24 . 2012-07-22 09:24 -------- d-----w- c:\users\Marťas\AppData\Local\Adobe
2012-07-11 21:36 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-08 05:01 . 2012-07-08 05:01 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 17:50 . 2012-04-06 04:50 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-27 17:50 . 2011-05-19 16:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-03 16:21 . 2010-05-26 07:08 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-03-25 06:57 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2011-06-08 06:11 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2010-05-26 07:08 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-05-26 07:08 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2010-05-26 07:07 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2010-06-29 08:30 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2010-05-26 07:07 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-02 22:19 . 2012-06-22 17:30 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 17:30 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 17:30 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 17:30 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 17:30 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 17:30 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 17:30 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 17:29 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 17:29 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:40 . 2012-07-11 15:28 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2010-05-25 19:49 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-12 07:58 . 2010-09-01 15:58 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2012-05-01 04:44 . 2012-06-13 04:25 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-07-18 18:00 . 2011-03-22 18:30 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-07-03 4273976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-05 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-05 169496]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-25 7547424]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-04-05 11:35 141848 ------w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-04-05 11:35 169496 ------w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2009-06-25 06:07 1833504 ----a-w- c:\program files\Realtek\Audio\HDA\SkyTel.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dvdfabio;dvdfabio;c:\windows\system32\drivers\dvdfabio.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/10/30 10:08];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [x]
S2 RegServ;RegServ;c:\windows\srntservice.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 17:50]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/firefox?client=firefox-a& ... s:official
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=2DCF44D7-4E98-4867-AA86-7527DCDB05E9&n=77eda394&ind=2012062612&id=UXxdm015YYcz&ptnrS=UXxdm015YYcz&si=maps4pc&searchfor=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-RSRWin.exe - c:\windows\RSRWin.exe
HKU-Default-Run-RSRWin.exe - c:\windows\RSRWin.exe
MSConfigStartUp-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MSConfigStartUp-TDSReanimator - c:\program files\Common Files\Teradyne\TDSReanimator.exe
MSConfigStartUp-UVS10 Preload - c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
MSConfigStartUp-UVS11 Preload - c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
AddRemove-BlueVoda_Website_Builder_1.0 - c:\windows\iun6002.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-07-28 12:25:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-28 10:25
.
Před spuštěním: Volných bajtů: 80 340 729 856
Po spuštění: Volných bajtů: 80 037 498 880
.
- - End Of File - - F377166E99C7611660F8C1611AA3CF59
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2972.1626 [GMT 2:00]
Spuštěný z: c:\users\MarŁas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\2037CFAF9D.sys
c:\windows\iun6002.exe
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\hdusb.sys
c:\windows\system32\muzapp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HDUSB
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-28 do 2012-07-28 )))))))))))))))))))))))))))))))
.
.
2012-07-28 01:39 . 2012-07-28 01:39 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10088737-052A-417B-87BA-1049172930FB}\offreg.dll
2012-07-28 01:38 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{10088737-052A-417B-87BA-1049172930FB}\mpengine.dll
2012-07-27 06:10 . 2012-07-27 06:10 -------- d-----w- C:\_OTL
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-27 06:00 . 2012-07-27 06:00 -------- d-----w- c:\users\Marťas\AppData\Local\Apps
2012-07-27 05:56 . 2012-07-27 05:56 -------- d-----w- C:\DriveKey
2012-07-27 05:55 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2012-07-27 05:55 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-07-27 05:55 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-07-27 05:55 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-07-27 05:55 . 2001-09-05 01:24 610436 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2012-07-26 06:19 . 2012-07-26 06:19 512 ----a-w- C:\PhysicalMBR.bin
2012-07-25 09:09 . 2009-08-03 22:31 3948600 ----a-r- c:\windows\system32\ntkrlStaforce.exe
2012-07-22 09:24 . 2012-07-22 09:24 -------- d-----w- c:\users\Marťas\AppData\Local\Adobe
2012-07-11 21:36 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-08 05:01 . 2012-07-08 05:01 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 17:50 . 2012-04-06 04:50 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-27 17:50 . 2011-05-19 16:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-27 06:00 . 2012-07-27 06:00 119808 ----a-r- c:\users\Marťas\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2012-07-03 16:21 . 2010-05-26 07:08 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-03-25 06:57 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2011-06-08 06:11 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2010-05-26 07:08 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-05-26 07:08 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2010-05-26 07:07 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2010-06-29 08:30 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2010-05-26 07:07 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-02 22:19 . 2012-06-22 17:30 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 17:30 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 17:30 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 17:30 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 17:30 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 17:30 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 17:30 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 17:29 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 17:29 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:40 . 2012-07-11 15:28 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2010-05-25 19:49 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-12 07:58 . 2010-09-01 15:58 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2012-05-01 04:44 . 2012-06-13 04:25 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-07-18 18:00 . 2011-03-22 18:30 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-07-03 4273976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-05 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-05 169496]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-25 7547424]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-04-05 11:35 141848 ------w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-04-05 11:35 169496 ------w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2009-06-25 06:07 1833504 ----a-w- c:\program files\Realtek\Audio\HDA\SkyTel.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dvdfabio;dvdfabio;c:\windows\system32\drivers\dvdfabio.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/10/30 10:08];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [x]
S2 RegServ;RegServ;c:\windows\srntservice.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 17:50]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Marťas\AppData\Roaming\Mozilla\Firefox\Profiles\s8dfs4ux.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/firefox?client=firefox-a& ... s:official
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=2DCF44D7-4E98-4867-AA86-7527DCDB05E9&n=77eda394&ind=2012062612&id=UXxdm015YYcz&ptnrS=UXxdm015YYcz&si=maps4pc&searchfor=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-RSRWin.exe - c:\windows\RSRWin.exe
HKU-Default-Run-RSRWin.exe - c:\windows\RSRWin.exe
MSConfigStartUp-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MSConfigStartUp-TDSReanimator - c:\program files\Common Files\Teradyne\TDSReanimator.exe
MSConfigStartUp-UVS10 Preload - c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
MSConfigStartUp-UVS11 Preload - c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
AddRemove-BlueVoda_Website_Builder_1.0 - c:\windows\iun6002.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-07-28 12:25:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-28 10:25
.
Před spuštěním: Volných bajtů: 80 340 729 856
Po spuštění: Volných bajtů: 80 037 498 880
.
- - End Of File - - F377166E99C7611660F8C1611AA3CF59
Přispějete na provoz fóra?