Prosím o preventivní kontrolu logu z RSIT.
Díky
Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2013-10-13 21:39:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 7 GB (22%) free of 34 GB
Total RAM: 760 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:39:32, on 13.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\TP-LINK\COMMON\TWCU.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Wise\Wise Care 365\WiseTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Users\Honza\Downloads\Nemazat antiviry\RSIT.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\COMMON\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C501349-9D92-2FB6-6C78-53ACC94F814A}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{729BB17F-6842-49A5-9DE8-605DC3D55EFE}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3918571-037A-47BE-87C5-F43E20E26027}: NameServer =
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C501349-9D92-2FB6-6C78-53ACC94F814A}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Users\Honza\AppData\Local\DProtect\eBP.dll,C:\Users\Honza\AppData\Local\DProtect\eBPSD.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartLinkService (SLService) - - C:\Windows\SYSTEM32\slserv.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe
--
End of file - 7082 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
C:\Windows\tasks\Wise Care 365.job
C:\Windows\tasks\Wise Turbo Checker.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1c2q9i78.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2003-11-17 155648]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2003-11-17 118784]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-10-09 102400]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2012-07-14 1841264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Handy Updater]
C:\Program Files\HandyUpdater\HandyUpdater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
C:\Program Files\MyTomTom 3\MyTomTomSA.exe [2013-05-23 455608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~1\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2010-03-29 227712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Utility.lnk - C:\Program Files\TP-LINK\COMMON\TWCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Users\Honza\AppData\Local\DProtect\eBP.dll,C:\Users\Honza\AppData\Local\DProtect\eBPSD.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxsrvc.dll [2003-11-17 323584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-13 21:39:02 ----D---- C:\Program Files\trend micro
2013-10-13 21:39:01 ----D---- C:\rsit
2013-10-13 21:18:57 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2013-10-13 21:18:39 ----D---- C:\Program Files\T-Mobile
2013-10-13 21:17:43 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\mod7700.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ewusbwwan.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_juwwanecm.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys
2013-10-13 21:17:43 ----A---- C:\Windows\system32\drivers\ew_hwupgrade.sys
2013-10-13 21:17:42 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys
2013-10-13 21:17:42 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys
2013-10-13 21:16:46 ----D---- C:\Program Files\Huawei
2013-10-11 22:22:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-10-08 15:06:39 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2013-10-08 14:01:29 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-10-08 14:01:28 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-10-08 14:01:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-10-08 14:01:23 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-10-08 14:01:22 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-10-08 14:01:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-10-08 14:01:19 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-10-08 14:01:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-10-08 14:01:13 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-08 13:57:15 ----A---- C:\Windows\avastSS.scr
2013-10-08 13:56:08 ----D---- C:\Program Files\AVAST Software
2013-10-08 13:55:00 ----D---- C:\ProgramData\AVAST Software
2013-10-08 13:34:56 ----D---- C:\AdwCleaner
2013-10-08 13:26:03 ----D---- C:\ProgramData\Oracle
2013-10-08 13:25:50 ----D---- C:\Program Files\Common Files\Java
2013-10-08 13:25:16 ----A---- C:\Windows\system32\javaws.exe
2013-10-08 13:24:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-08 13:24:32 ----A---- C:\Windows\system32\javaw.exe
2013-10-08 13:24:32 ----A---- C:\Windows\system32\java.exe
2013-10-08 13:23:50 ----D---- C:\Program Files\Java
2013-10-07 15:00:45 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2013-10-07 15:00:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-07 15:00:15 ----D---- C:\Program Files\Mozilla Firefox
2013-10-07 13:37:33 ----D---- C:\ProgramData\Ralink
2013-10-07 13:36:09 ----A---- C:\Windows\system32\RaCoInst.dat
2013-10-07 13:36:08 ----D---- C:\ProgramData\TP-LINK Driver
2013-10-07 13:36:08 ----A---- C:\Windows\system32\RaCoInst.dll
2013-10-07 13:36:08 ----A---- C:\Windows\system32\drivers\netr28u.sys
2013-10-07 13:35:20 ----D---- C:\Program Files\TP-LINK
2013-10-06 12:53:19 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-06 12:46:18 ----D---- C:\Windows\Sun
======List of files/folders modified in the last 1 month======
2013-10-13 21:39:12 ----D---- C:\Windows\Temp
2013-10-13 21:39:02 ----RD---- C:\Program Files
2013-10-13 21:35:00 ----D---- C:\Windows\system32\config
2013-10-13 21:32:03 ----D---- C:\Windows\System32
2013-10-13 21:32:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-13 21:32:02 ----D---- C:\Windows\inf
2013-10-13 21:30:41 ----D---- C:\Windows\ModemLogs
2013-10-13 21:19:01 ----D---- C:\Windows\system32\drivers
2013-10-13 21:18:57 ----HD---- C:\ProgramData
2013-10-13 21:17:42 ----D---- C:\Windows\system32\DriverStore
2013-10-13 21:17:42 ----D---- C:\Windows\system32\catroot
2013-10-13 21:12:26 ----D---- C:\Users\Honza\AppData\Roaming\Wise Care 365
2013-10-12 11:03:12 ----D---- C:\Windows
2013-10-11 22:46:20 ----HD---- C:\Config.Msi
2013-10-11 22:44:46 ----D---- C:\Windows\system32\appmgmt
2013-10-11 22:44:45 ----SHD---- C:\Windows\Installer
2013-10-11 22:44:15 ----D---- C:\Program Files\Common Files
2013-10-11 22:44:06 ----D---- C:\Windows\ehome
2013-10-11 22:42:37 ----SHD---- C:\System Volume Information
2013-10-11 22:36:20 ----D---- C:\Windows\system32\catroot2
2013-10-11 22:34:25 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2013-10-11 22:28:05 ----D---- C:\Windows\SoftwareDistribution
2013-10-11 22:22:43 ----D---- C:\Windows\debug
2013-10-11 22:19:21 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 22:03:29 ----D---- C:\Users\Honza\AppData\Roaming\Seznam.cz
2013-10-11 21:53:55 ----D---- C:\Windows\Panther
2013-10-11 21:51:41 ----D---- C:\Windows\system32\Tasks
2013-10-11 21:51:40 ----D---- C:\Windows\Tasks
2013-10-10 17:54:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-10 17:03:55 ----D---- C:\Windows\system32\NDF
2013-10-08 15:35:49 ----SHD---- C:\Boot
2013-10-08 14:00:38 ----D---- C:\Windows\winsxs
2013-10-08 13:23:56 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-10-08 13:23:56 ----A---- C:\Windows\system32\deployJava1.dll
2013-10-07 17:17:36 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2013-10-07 13:35:18 ----HD---- C:\Program Files\InstallShield Installation Information
2013-10-06 12:54:12 ----SD---- C:\ProgramData\Microsoft
2013-10-06 12:47:35 ----RD---- C:\Program Files\Skype
2013-10-06 12:47:35 ----D---- C:\ProgramData\Skype
2013-09-24 11:15:49 ----D---- C:\Program Files\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 177864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 RecAgent;RecAgent; C:\Windows\system32\DRIVERS\RecAgent.sys [2004-11-01 14520]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\Windows\system32\drivers\ialmsbw.sys [2003-11-19 122110]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\Windows\system32\drivers\ialmkchw.sys [2003-11-19 99002]
R3 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011; C:\Windows\system32\drivers\wA301a.sys [2003-11-19 33847]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-19 4172832]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-14 44032]
R3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
R3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
R3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2003-11-19 95579]
R3 Mtlmnt5;Mtlmnt5; C:\Windows\system32\DRIVERS\Mtlmnt5.sys [2004-11-01 229720]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\Windows\system32\DRIVERS\slntamr.sys [2004-11-01 653960]
R3 SlWdmSup;SlWdmSup; C:\Windows\system32\DRIVERS\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-09 192560]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
S3 Mtlstrm;Mtlstrm; C:\Windows\system32\DRIVERS\Mtlstrm.sys [2004-11-01 1396048]
S3 netr28u;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28u.sys [2010-06-25 854368]
S3 netr73;TP-LINK Wireless USB Adapter Driver; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-14 545792]
S3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SlNtHal;SlNtHal; C:\Windows\system32\DRIVERS\Slnthal.sys [2004-11-01 100176]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\TP-LINK\COMMON\RaRegistry.exe [2010-06-25 185632]
R2 SLService;SmartLinkService; C:\Windows\system32\slserv.exe [2004-11-01 57344]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [2013-04-25 580232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-11 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-03 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola
Zdravim 
Ktery silenec dal do pocitace s RAMkou 760 MB Windows 7?
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Ktery silenec dal do pocitace s RAMkou 760 MB Windows 7? Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Tak ten šílenec s Wwindows 7 jsem já, ale spíše šlo o zoufalý pokus zachránit kamarádovi noťas. Před časem zkolaboval hardisk. Byl zakoupen nový a pak nastal problém jak tam nainstalovat OS. DVD mechanika je totiž nefunkční a jiná tam bohužel nejde. Zkoušeli jsme několik, ale počítač je prostě nevidí. Bootovat přes USB tenle počítač ještě neumí (je staršího data výroby), takže externí mechanika taky nefungovala. Udělali jsme pokus a nainstalovali OS v jiném noťasu a pak přenesli hardisk do tohoto. S Windowsem XP se to nezdařilo tak jsem zkusili sedmičky a to už vyšlo. Doinstalovali jsme ovladače a noťas už pár let funguje. Na zakoupení výkonější Ramky už nějak z finančních důvodů nedošlo tak to zůstalo jak je.
OTL log
OTL logfile created on: 14.10.2013 10:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads\Nemazat antiviry
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
759,56 Mb Total Physical Memory | 317,28 Mb Available Physical Memory | 41,77% Memory free
1,85 Gb Paging File | 1,16 Gb Available in Paging File | 62,73% Paging File free
Paging file location(s): c:\pagefile.sys 1138 1138 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 33,11 Gb Total Space | 7,18 Gb Free Space | 21,68% Space Free | Partition Type: NTFS
Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.10.14 10:25:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\Nemazat antiviry\OTL.exe
PRC - [2013.10.02 17:05:02 | 002,146,584 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2013.09.11 04:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.23 14:29:54 | 001,174,152 | ---- | M] (WiseCleaner.com) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe
PRC - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.06.25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
PRC - [2010.06.25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- C:\Program Files\TP-LINK\COMMON\TWCU.exe
PRC - [2009.04.14 16:43:42 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
PRC - [2007.10.09 08:23:32 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2004.11.01 17:55:40 | 000,057,344 | ---- | M] ( ) -- C:\Windows\System32\slserv.exe
========== Modules (No Company Name) ==========
MOD - [2013.09.11 04:26:52 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.06.25 15:57:42 | 000,909,312 | ---- | M] () -- C:\Program Files\TP-LINK\COMMON\RaWLAPI.dll
MOD - [2010.01.30 03:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008.10.11 23:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2013.10.10 17:54:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.01 18:47:48 | 000,414,568 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll -- (MbnExt)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.11 04:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.25 18:12:00 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.03 14:11:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010.03.25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2004.11.01 17:55:40 | 000,057,344 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\slserv.exe -- (SLService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 09:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 09:48:12 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.08.30 09:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.04.23 09:55:12 | 000,202,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012.04.23 09:53:36 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012.04.23 09:53:36 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012.04.23 09:53:36 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2011.11.02 00:56:35 | 000,026,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.06.25 15:57:42 | 000,854,368 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2010.03.20 12:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009.07.14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
DRV - [2009.06.19 04:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
DRV - [2009.04.28 10:08:42 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2004.11.01 17:30:00 | 000,653,960 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004.11.01 17:26:36 | 000,014,520 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004.11.01 17:24:00 | 000,229,720 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004.11.01 17:19:00 | 000,100,176 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004.11.01 17:17:26 | 001,396,048 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004.11.01 17:07:50 | 000,013,216 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003.11.19 23:25:20 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wa301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes,DefaultScope = {BBEC3979-E127-4DA6-88B3-6C8F91A6BBDC}
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes\{652FDAFA-3D5D-4F2F-9ABF-A834EC0E7A81}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes\{BBEC3979-E127-4DA6-88B3-6C8F91A6BBDC}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Honza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Honza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.07 18:51:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.10.08 13:58:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.07 18:51:03 | 000,000,000 | ---D | M]
[2013.10.07 15:00:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2013.10.07 15:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1c2q9i78.default\extensions
[2013.10.07 15:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.10.07 15:00:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.08 13:58:03 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Honza\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\
CHR - Extension: Gmail = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000..\Run: [T-Mobile CManager] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D54655-FA62-40A4-8356-5085933C7CEA}: DhcpNameServer = 192.168.1.1 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{729BB17F-6842-49A5-9DE8-605DC3D55EFE}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4140B6D-18C4-4184-9882-93676283BB8C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3918571-037A-47BE-87C5-F43E20E26027}: NameServer =
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Users\Honza\AppData\Local\DProtect\eBP.dll) - File not found
O20 - AppInit_DLLs: (C:\Users\Honza\AppData\Local\DProtect\eBPSD.dll蠀Ⴅ䌀䵏位繎1䘀ࠀЀꌺ䬔衃⪥) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\Windows\System32\igfxsrvc.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3ae4c09d-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c09d-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{3ae4c0b6-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c0b6-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{3ae4c0f3-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c0f3-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{c9504beb-040b-11e1-828e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c9504beb-040b-11e1-828e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.aacacm - C:\Windows\System32\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://lame.sourceforge.net/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: vidc.x264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.10.14 10:10:09 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.10.14 10:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2013.10.14 10:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Gemfor
[2013.10.14 10:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2013.10.13 21:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.13 21:39:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.13 21:17:43 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2013.10.13 21:17:43 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2013.10.13 21:17:43 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2013.10.13 21:17:43 | 000,377,856 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2013.10.13 21:17:43 | 000,202,752 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.10.13 21:17:43 | 000,199,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2013.10.13 21:17:43 | 000,095,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.10.13 21:17:43 | 000,076,544 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2013.10.13 21:17:43 | 000,070,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.10.13 21:17:43 | 000,027,520 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2013.10.13 21:17:43 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2013.10.13 21:17:43 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.10.13 21:17:42 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.10.13 21:17:42 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.10.13 21:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei
[2013.10.08 14:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.10.08 14:01:29 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.10.08 14:01:28 | 000,369,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.10.08 14:01:24 | 000,061,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.10.08 14:01:23 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.10.08 14:01:22 | 000,770,344 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.10.08 14:01:13 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.10.08 14:01:13 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.10.08 13:57:15 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.10.08 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.10.08 13:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.10.08 13:34:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.08 13:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.08 13:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.10.08 13:25:16 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.08 13:24:32 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.08 13:24:32 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.08 13:24:32 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.08 13:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.08 13:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.10.07 15:00:46 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Mozilla
[2013.10.07 15:00:45 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2013.10.07 15:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.10.07 15:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.10.07 13:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2013.10.07 13:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2013.10.07 13:36:08 | 000,854,368 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\System32\drivers\netr28u.sys
[2013.10.07 13:36:08 | 000,238,880 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2013.10.07 13:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK Driver
[2013.10.07 13:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2013.10.06 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Honza\kbpki
[2013.10.06 12:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.10.06 12:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.10.06 12:46:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.09.24 11:18:03 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.09.21 12:56:40 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\DProtect
========== Files - Modified Within 30 Days ==========
[2013.10.14 10:37:55 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.10.14 10:32:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:10:02 | 000,001,067 | ---- | M] () -- C:\Users\Honza\Desktop\T-Mobile Internet Manager.lnk
[2013.10.14 10:08:39 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013.10.14 10:08:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.14 10:07:09 | 597,340,160 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.13 21:53:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.13 21:32:03 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.10.13 21:32:03 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.10.13 21:32:03 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.10.13 21:32:03 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.10.13 21:19:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2013.10.13 21:18:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.13 21:17:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.11 22:23:16 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.10.11 22:23:05 | 000,410,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.10 17:54:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.10.10 17:54:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.10.10 17:37:12 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.10.08 14:05:17 | 000,001,529 | ---- | M] () -- C:\Users\Honza\Desktop\Google Chrome.lnk
[2013.10.08 14:01:13 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.10.08 13:37:19 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.08 13:24:06 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.08 13:24:02 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.08 13:24:02 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.08 13:24:01 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.08 13:23:56 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.10.08 13:23:56 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.10.07 13:36:32 | 000,001,941 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:32 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2013.09.25 10:53:16 | 000,351,720 | ---- | M] () -- C:\Users\Honza\Desktop\Obraz000.jpg
[2013.09.16 10:59:20 | 000,041,984 | ---- | M] () -- C:\Users\Honza\Desktop\Výpis ze zdravotnické dokumentace - agentury (1).tif
========== Files Created - No Company Name ==========
[2013.10.14 10:32:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.14 10:10:02 | 000,001,067 | ---- | C] () -- C:\Users\Honza\Desktop\T-Mobile Internet Manager.lnk
[2013.10.14 10:09:35 | 000,001,164 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager.lnk
[2013.10.13 21:19:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2013.10.13 21:18:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.13 21:17:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.11 22:22:22 | 000,410,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.11 21:51:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.10.08 15:06:39 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2013.10.08 14:01:20 | 000,177,864 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.10.08 14:01:19 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.10.07 15:00:32 | 000,001,019 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.10.07 15:00:32 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.07 13:36:32 | 000,001,941 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:32 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:09 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2013.09.25 10:55:19 | 000,351,720 | ---- | C] () -- C:\Users\Honza\Desktop\Obraz000.jpg
[2013.09.24 11:18:03 | 000,001,529 | ---- | C] () -- C:\Users\Honza\Desktop\Google Chrome.lnk
[2013.09.24 11:16:04 | 000,000,962 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.09.24 11:16:01 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.09.16 10:59:17 | 000,041,984 | ---- | C] () -- C:\Users\Honza\Desktop\Výpis ze zdravotnické dokumentace - agentury (1).tif
[2013.08.09 13:47:57 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.24 12:39:26 | 000,000,272 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\.backup.dm
[2012.04.07 18:34:35 | 000,179,976 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.11.17 19:07:23 | 000,011,776 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.04 12:20:14 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.11.04 12:17:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.11.01 23:32:23 | 000,007,597 | ---- | C] () -- C:\Users\Honza\AppData\Local\resmon.resmoncfg
[2011.11.01 01:15:50 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.12.01 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2011.11.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit
[2011.11.02 09:39:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2011.11.07 21:56:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2011.11.01 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2013.08.04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Nico Mak Computing
[2013.10.11 22:03:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Seznam.cz
[2013.10.14 10:10:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.03.25 22:41:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2012.08.14 18:59:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TomTom
[2013.07.15 11:58:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Unity
[2013.08.25 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Win7codecs
[2013.10.14 10:09:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Wise Care 365
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.12.01 19:26:52 | 000,000,398 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job
[2012.12.26 15:24:29 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.09.24 11:16:01 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.09.24 11:16:04 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.10.11 21:51:40 | 000,000,378 | ---- | C] () -- C:\Windows\Tasks\Wise Turbo Checker.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\System32\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2012.08.24 18:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012.06.02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 19:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013.03.19 04:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.03.19 04:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013.03.19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
[2013.05.06 05:02:20 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=EC745C0949B101129AB6D39CD63808A6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\System32\drivers\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
OTL log
OTL logfile created on: 14.10.2013 10:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads\Nemazat antiviry
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
759,56 Mb Total Physical Memory | 317,28 Mb Available Physical Memory | 41,77% Memory free
1,85 Gb Paging File | 1,16 Gb Available in Paging File | 62,73% Paging File free
Paging file location(s): c:\pagefile.sys 1138 1138 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 33,11 Gb Total Space | 7,18 Gb Free Space | 21,68% Space Free | Partition Type: NTFS
Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.10.14 10:25:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\Nemazat antiviry\OTL.exe
PRC - [2013.10.02 17:05:02 | 002,146,584 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2013.09.11 04:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.23 14:29:54 | 001,174,152 | ---- | M] (WiseCleaner.com) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe
PRC - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.06.25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
PRC - [2010.06.25 15:57:42 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- C:\Program Files\TP-LINK\COMMON\TWCU.exe
PRC - [2009.04.14 16:43:42 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
PRC - [2007.10.09 08:23:32 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2004.11.01 17:55:40 | 000,057,344 | ---- | M] ( ) -- C:\Windows\System32\slserv.exe
========== Modules (No Company Name) ==========
MOD - [2013.09.11 04:26:52 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.06.25 15:57:42 | 000,909,312 | ---- | M] () -- C:\Program Files\TP-LINK\COMMON\RaWLAPI.dll
MOD - [2010.01.30 03:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008.10.11 23:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2013.10.10 17:54:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.01 18:47:48 | 000,414,568 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll -- (MbnExt)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.11 04:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.25 18:12:00 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.03 14:11:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.25 15:57:50 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2010.03.25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2004.11.01 17:55:40 | 000,057,344 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\slserv.exe -- (SLService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 09:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 09:48:12 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.08.30 09:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.04.23 09:55:12 | 000,202,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012.04.23 09:53:36 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012.04.23 09:53:36 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012.04.23 09:53:36 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2011.11.02 00:56:35 | 000,026,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.06.25 15:57:42 | 000,854,368 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2010.03.20 12:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009.07.14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
DRV - [2009.06.19 04:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
DRV - [2009.04.28 10:08:42 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2004.11.01 17:30:00 | 000,653,960 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004.11.01 17:26:36 | 000,014,520 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004.11.01 17:24:00 | 000,229,720 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004.11.01 17:19:00 | 000,100,176 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004.11.01 17:17:26 | 001,396,048 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004.11.01 17:07:50 | 000,013,216 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003.11.19 23:25:20 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wa301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes,DefaultScope = {BBEC3979-E127-4DA6-88B3-6C8F91A6BBDC}
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes\{652FDAFA-3D5D-4F2F-9ABF-A834EC0E7A81}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..\SearchScopes\{BBEC3979-E127-4DA6-88B3-6C8F91A6BBDC}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Honza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Honza\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.07 18:51:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.10.08 13:58:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.04.07 18:51:03 | 000,000,000 | ---D | M]
[2013.10.07 15:00:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2013.10.07 15:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1c2q9i78.default\extensions
[2013.10.07 15:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.10.07 15:00:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.08 13:58:03 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Honza\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Honza\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\
CHR - Extension: Gmail = C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000..\Run: [T-Mobile CManager] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-4247155528-3212375473-46874632-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D54655-FA62-40A4-8356-5085933C7CEA}: DhcpNameServer = 192.168.1.1 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{729BB17F-6842-49A5-9DE8-605DC3D55EFE}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4140B6D-18C4-4184-9882-93676283BB8C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3918571-037A-47BE-87C5-F43E20E26027}: NameServer =
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Users\Honza\AppData\Local\DProtect\eBP.dll) - File not found
O20 - AppInit_DLLs: (C:\Users\Honza\AppData\Local\DProtect\eBPSD.dll蠀Ⴅ䌀䵏位繎1䘀ࠀЀꌺ䬔衃⪥) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\Windows\System32\igfxsrvc.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3ae4c09d-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c09d-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{3ae4c0b6-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c0b6-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{3ae4c0f3-343b-11e3-9434-0040d074b1b6}\Shell - "" = AutoRun
O33 - MountPoints2\{3ae4c0f3-343b-11e3-9434-0040d074b1b6}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{c9504beb-040b-11e1-828e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c9504beb-040b-11e1-828e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.aacacm - C:\Windows\System32\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://lame.sourceforge.net/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: vidc.x264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.10.14 10:10:09 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.10.14 10:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2013.10.14 10:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Gemfor
[2013.10.14 10:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2013.10.13 21:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.13 21:39:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.13 21:17:43 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2013.10.13 21:17:43 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2013.10.13 21:17:43 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2013.10.13 21:17:43 | 000,377,856 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2013.10.13 21:17:43 | 000,202,752 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.10.13 21:17:43 | 000,199,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2013.10.13 21:17:43 | 000,095,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.10.13 21:17:43 | 000,076,544 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2013.10.13 21:17:43 | 000,070,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.10.13 21:17:43 | 000,027,520 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2013.10.13 21:17:43 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2013.10.13 21:17:43 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.10.13 21:17:42 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.10.13 21:17:42 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.10.13 21:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei
[2013.10.08 14:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.10.08 14:01:29 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.10.08 14:01:28 | 000,369,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.10.08 14:01:24 | 000,061,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.10.08 14:01:23 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.10.08 14:01:22 | 000,770,344 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.10.08 14:01:13 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.10.08 14:01:13 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.10.08 13:57:15 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.10.08 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.10.08 13:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.10.08 13:34:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.08 13:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.08 13:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.10.08 13:25:16 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.08 13:24:32 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.08 13:24:32 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.08 13:24:32 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.08 13:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.08 13:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.10.07 15:00:46 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Mozilla
[2013.10.07 15:00:45 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2013.10.07 15:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.10.07 15:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.10.07 13:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2013.10.07 13:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2013.10.07 13:36:08 | 000,854,368 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\System32\drivers\netr28u.sys
[2013.10.07 13:36:08 | 000,238,880 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2013.10.07 13:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK Driver
[2013.10.07 13:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2013.10.06 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Honza\kbpki
[2013.10.06 12:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.10.06 12:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.10.06 12:46:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.09.24 11:18:03 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.09.21 12:56:40 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\DProtect
========== Files - Modified Within 30 Days ==========
[2013.10.14 10:37:55 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.10.14 10:32:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:10:02 | 000,001,067 | ---- | M] () -- C:\Users\Honza\Desktop\T-Mobile Internet Manager.lnk
[2013.10.14 10:08:39 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013.10.14 10:08:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.14 10:07:09 | 597,340,160 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.13 21:53:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.13 21:32:03 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.10.13 21:32:03 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.10.13 21:32:03 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.10.13 21:32:03 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.10.13 21:19:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2013.10.13 21:18:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.13 21:17:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.11 22:23:16 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.10.11 22:23:05 | 000,410,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.10 17:54:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.10.10 17:54:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.10.10 17:37:12 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.10.08 14:05:17 | 000,001,529 | ---- | M] () -- C:\Users\Honza\Desktop\Google Chrome.lnk
[2013.10.08 14:01:13 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.10.08 13:37:19 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.08 13:24:06 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.08 13:24:02 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.08 13:24:02 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.08 13:24:01 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.08 13:23:56 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.10.08 13:23:56 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.10.07 13:36:32 | 000,001,941 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:32 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2013.09.25 10:53:16 | 000,351,720 | ---- | M] () -- C:\Users\Honza\Desktop\Obraz000.jpg
[2013.09.16 10:59:20 | 000,041,984 | ---- | M] () -- C:\Users\Honza\Desktop\Výpis ze zdravotnické dokumentace - agentury (1).tif
========== Files Created - No Company Name ==========
[2013.10.14 10:32:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.14 10:10:02 | 000,001,067 | ---- | C] () -- C:\Users\Honza\Desktop\T-Mobile Internet Manager.lnk
[2013.10.14 10:09:35 | 000,001,164 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager.lnk
[2013.10.13 21:19:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2013.10.13 21:18:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.13 21:17:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.11 22:22:22 | 000,410,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.10.11 21:51:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.10.08 15:06:39 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2013.10.08 14:01:20 | 000,177,864 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.10.08 14:01:19 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.10.07 15:00:32 | 000,001,019 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.10.07 15:00:32 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.07 13:36:32 | 000,001,941 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:32 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2013.10.07 13:36:09 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2013.09.25 10:55:19 | 000,351,720 | ---- | C] () -- C:\Users\Honza\Desktop\Obraz000.jpg
[2013.09.24 11:18:03 | 000,001,529 | ---- | C] () -- C:\Users\Honza\Desktop\Google Chrome.lnk
[2013.09.24 11:16:04 | 000,000,962 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.09.24 11:16:01 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.09.16 10:59:17 | 000,041,984 | ---- | C] () -- C:\Users\Honza\Desktop\Výpis ze zdravotnické dokumentace - agentury (1).tif
[2013.08.09 13:47:57 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.24 12:39:26 | 000,000,272 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\.backup.dm
[2012.04.07 18:34:35 | 000,179,976 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.11.17 19:07:23 | 000,011,776 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.04 12:20:14 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.11.04 12:17:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.11.01 23:32:23 | 000,007,597 | ---- | C] () -- C:\Users\Honza\AppData\Local\resmon.resmoncfg
[2011.11.01 01:15:50 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.12.01 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2011.11.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit
[2011.11.02 09:39:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2011.11.07 21:56:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2011.11.01 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2013.08.04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Nico Mak Computing
[2013.10.11 22:03:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Seznam.cz
[2013.10.14 10:10:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.03.25 22:41:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2012.08.14 18:59:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TomTom
[2013.07.15 11:58:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Unity
[2013.08.25 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Win7codecs
[2013.10.14 10:09:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Wise Care 365
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.12.01 19:26:52 | 000,000,398 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job
[2012.12.26 15:24:29 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.09.24 11:16:01 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000Core.job
[2013.09.24 11:16:04 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4247155528-3212375473-46874632-1000UA.job
[2013.10.11 21:51:40 | 000,000,378 | ---- | C] () -- C:\Windows\Tasks\Wise Turbo Checker.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\System32\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys
< MD5 for: LSASS.EXE >
[2011.11.17 09:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2012.08.24 18:53:44 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=7ABC23F3D86880AD62ACEDC7479608F8 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_a889f15ed46779fd\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_a82d8b59bb293454\lsass.exe
[2012.06.02 06:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011.11.17 07:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 19:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\System32\drivers\ndis.sys
[2012.08.22 19:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 07:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 07:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 07:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SMSS.EXE >
[2013.03.19 04:43:41 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=0294CC751D7FAEB13621EEFB8A749429 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_ae7bdfb790cddbcf\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.03.19 04:51:05 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=37F4765554F2CD34AAAB616F696E5539 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_ac8ab2c593af8bd4\smss.exe
[2013.03.19 04:50:03 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=B24BF638652522BB5E14AB7993FD4A5D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_ac19b4ca7a7f0306\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe
[2013.05.06 05:02:20 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=EC745C0949B101129AB6D39CD63808A6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_aecf9361908de017\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\System32\drivers\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
Re: Preventivní kontrola
OTL log - pokračování
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2011.11.04 13:43:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Acronis
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Application Data
[2012.12.01 22:50:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ashampoo
[2013.10.08 13:56:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AVAST Software
[2013.07.24 12:40:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ClubSanDisk
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Data aplikací
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Documents
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Dokumenty
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Favorites
[2013.10.14 10:09:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Gemfor
[2012.04.07 18:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\HP
[2012.04.07 18:47:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\HP Product Assistant
[2011.12.26 22:58:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Lavasoft
[2011.11.04 23:12:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Logishrd
[2013.10.06 12:54:12 | 000,000,000 | --SD | M] -- C:\ProgramData\Application Data\Microsoft
[2013.10.11 22:19:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Microsoft Help
[2013.03.24 00:59:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Mozilla
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Nabídka Start
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Oblíbené položky
[2013.10.08 13:26:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Oracle
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Plocha
[2013.10.07 13:38:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Ralink
[2013.10.06 12:47:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Start Menu
[2013.08.07 22:04:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Sun
[2013.08.08 14:20:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TEMP
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Templates
[2013.10.07 13:36:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TP-LINK Driver
[2011.11.05 18:31:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\WEBREG
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Win7codecs
[2013.10.14 10:08:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Šablony
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
< %APPDATA%\*. >
[2011.11.01 23:16:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2012.08.16 16:41:50 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ahead
[2012.12.01 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2011.11.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit
[2011.11.02 09:39:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2011.11.05 18:32:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HP
[2011.11.01 00:19:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2011.11.07 21:56:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2011.11.01 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2011.11.01 01:08:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Logishrd
[2011.11.01 01:14:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Logitech
[2011.11.01 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2013.10.11 22:34:25 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2013.10.07 15:00:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2013.08.04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Nico Mak Computing
[2013.10.11 22:03:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Seznam.cz
[2013.10.07 17:17:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2013.10.14 10:10:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.03.25 22:41:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2012.08.14 18:59:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TomTom
[2013.07.15 11:58:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Unity
[2013.08.25 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Win7codecs
[2011.11.01 00:52:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR
[2013.10.14 10:09:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Wise Care 365
< %APPDATA%\*.exe /s >
[2011.11.01 01:13:44 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.11.02 00:56:35 | 000,026,112 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\vgapnp.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.11 22:23:05 | 000,410,032 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.10.13 21:32:03 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.10.13 21:32:03 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.10.13 21:32:03 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.10.13 21:32:03 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.10.13 21:32:03 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"T-Mobile CManager" = "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2013.10.02 17:05:02 | 002,146,584 | ---- | M] (Gemfor s.r.o.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.14 10:32:55 | 000,000,512 | ---- | M] () MD5=418C50710F39D52FC65350F63F4741F3 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.png
[2012.08.03 09:59:49 | 000,000,060 | ---- | M] () -- \Documents and Settings\Honza\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\7KSDPDM4\superhry.cz\HSO_40e1f8z\bushroaylits.swf\MiniclipLoaderAd.sol
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.05.21 21:38:08 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.05.21 21:54:18 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.05.21 21:54:18 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2008.06.20 20:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.08.03 09:59:49 | 000,000,060 | ---- | M] () -- \Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\7KSDPDM4\superhry.cz\HSO_40e1f8z\bushroaylits.swf\MiniclipLoaderAd.sol
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.11.03 20:33:41 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2013.08.09 13:47:57 | 000,000,135 | ---- | M] () -- \Windows\AutoKMS.ini
[2012.12.02 14:23:03 | 001,725,440 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2012.12.02 14:23:06 | 000,000,768 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2012.12.26 15:26:52 | 000,023,971 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
< *activator* /s >
< *serial* /s >
File not found -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2011.03.10 00:43:26 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2013.10.06 12:53:56 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.12 04:28:00 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a300d50e46379ad6eca7f58e63f4ed70\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.12 04:31:27 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
[2013.08.12 20:34:09 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5f0cbd7489fce0c1617c0d28f1258cc8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.12 20:33:56 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll
[2013.08.12 14:52:44 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2011.12.26 21:37:58 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.12 19:14:10 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.26 21:37:57 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.08.12 19:14:04 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.12 19:14:22 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 10:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2011.11.04 13:43:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Acronis
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Application Data
[2012.12.01 22:50:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ashampoo
[2013.10.08 13:56:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AVAST Software
[2013.07.24 12:40:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ClubSanDisk
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Data aplikací
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Documents
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Dokumenty
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Favorites
[2013.10.14 10:09:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Gemfor
[2012.04.07 18:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\HP
[2012.04.07 18:47:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\HP Product Assistant
[2011.12.26 22:58:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Lavasoft
[2011.11.04 23:12:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Logishrd
[2013.10.06 12:54:12 | 000,000,000 | --SD | M] -- C:\ProgramData\Application Data\Microsoft
[2013.10.11 22:19:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Microsoft Help
[2013.03.24 00:59:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Mozilla
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Nabídka Start
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Oblíbené položky
[2013.10.08 13:26:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Oracle
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Plocha
[2013.10.07 13:38:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Ralink
[2013.10.06 12:47:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Start Menu
[2013.08.07 22:04:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Sun
[2013.08.08 14:20:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TEMP
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Templates
[2013.10.07 13:36:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TP-LINK Driver
[2011.11.05 18:31:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\WEBREG
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Win7codecs
[2013.10.14 10:08:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2011.11.01 00:16:10 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Šablony
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
[2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
[2010.06.25 15:58:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 15:58:02 | 000,533,792 | ---- | M] () -- C:\ProgramData\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst.exe
< %APPDATA%\*. >
[2011.11.01 23:16:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2012.08.16 16:41:50 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ahead
[2012.12.01 22:50:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2011.11.02 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit
[2011.11.02 09:39:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2011.11.05 18:32:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HP
[2011.11.01 00:19:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2011.11.07 21:56:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2011.11.01 01:13:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2011.11.01 01:08:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Logishrd
[2011.11.01 01:14:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Logitech
[2011.11.01 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2013.10.11 22:34:25 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2013.10.07 15:00:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2013.08.04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Nico Mak Computing
[2013.10.11 22:03:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Seznam.cz
[2013.10.07 17:17:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2013.10.14 10:10:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\T-Mobile
[2013.03.25 22:41:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2012.08.14 18:59:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TomTom
[2013.07.15 11:58:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Unity
[2013.08.25 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2011.11.02 21:59:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Win7codecs
[2011.11.01 00:52:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR
[2013.10.14 10:09:17 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Wise Care 365
< %APPDATA%\*.exe /s >
[2011.11.01 01:13:44 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.11.02 00:56:35 | 000,026,112 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\vgapnp.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.14 10:22:53 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.11 22:23:05 | 000,410,032 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.10.13 21:32:03 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.10.13 21:32:03 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.10.13 21:32:03 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.10.13 21:32:03 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.10.13 21:32:03 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"T-Mobile CManager" = "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2013.10.02 17:05:02 | 002,146,584 | ---- | M] (Gemfor s.r.o.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.14 10:32:55 | 000,000,512 | ---- | M] () MD5=418C50710F39D52FC65350F63F4741F3 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.png
[2012.08.03 09:59:49 | 000,000,060 | ---- | M] () -- \Documents and Settings\Honza\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\7KSDPDM4\superhry.cz\HSO_40e1f8z\bushroaylits.swf\MiniclipLoaderAd.sol
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.05.21 21:38:08 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.05.21 21:54:18 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.05.21 21:54:18 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2008.06.20 20:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.08.03 09:59:49 | 000,000,060 | ---- | M] () -- \Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\7KSDPDM4\superhry.cz\HSO_40e1f8z\bushroaylits.swf\MiniclipLoaderAd.sol
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.11.03 20:33:41 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2013.08.09 13:47:57 | 000,000,135 | ---- | M] () -- \Windows\AutoKMS.ini
[2012.12.02 14:23:03 | 001,725,440 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2012.12.02 14:23:06 | 000,000,768 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2012.12.26 15:26:52 | 000,023,971 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
< *activator* /s >
< *serial* /s >
File not found -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Documents and Settings\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2011.03.10 00:43:26 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2013.10.06 12:53:56 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\Application Data\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.05.21 19:57:00 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.12 04:28:00 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a300d50e46379ad6eca7f58e63f4ed70\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.12 04:31:27 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
[2013.08.12 20:34:09 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5f0cbd7489fce0c1617c0d28f1258cc8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.12 20:33:56 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll
[2013.08.12 14:52:44 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2011.12.26 21:37:58 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.12 19:14:10 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.26 21:37:57 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.08.12 19:14:04 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.12 19:14:22 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 10:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Preventivní kontrola
Extras.Txt
OTL Extras logfile created on: 14.10.2013 10:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads\Nemazat antiviry
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
759,56 Mb Total Physical Memory | 317,28 Mb Available Physical Memory | 41,77% Memory free
1,85 Gb Paging File | 1,16 Gb Available in Paging File | 62,73% Paging File free
Paging file location(s): c:\pagefile.sys 1138 1138 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 33,11 Gb Total Space | 7,18 Gb Free Space | 21,68% Space Free | Partition Type: NTFS
Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01ACE15A-1462-4169-84A9-03FB7EFE2798}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D98BB46-B99A-4806-9158-4E7F97435595}" = lport=445 | protocol=6 | dir=in | app=system |
"{263C79F2-1A9A-4081-8752-77F06C88DFD4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CD0E5D0-9D61-496C-8D96-5E986C00F846}" = rport=137 | protocol=17 | dir=out | app=system |
"{2EED67C9-1178-41C0-9CDB-AB65DAEF3E1C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D81A861-A814-454D-A6C0-99BD81B24F0A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{41D99217-4C53-4775-A00A-54F95297869B}" = lport=139 | protocol=6 | dir=in | app=system |
"{46B2F019-2F41-4C2C-A6F6-B81B237069EC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{500ABC2E-01A0-431B-A005-2C4568670227}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5178F1D0-51BF-4710-A7EA-944A8935A95D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5BB9E3AF-E71F-4532-AFAD-9917095B6CE0}" = rport=139 | protocol=6 | dir=out | app=system |
"{60BB8E84-53D1-424B-B09F-8EC2835B38D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{6410D9FD-B691-46B8-B9CC-1EEE3B872EAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6C11C370-57C5-4808-8443-8C27E2AAA483}" = rport=138 | protocol=17 | dir=out | app=system |
"{857AA5D3-4D7E-4966-BB2E-3F199D7426AF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A20EF87-8156-41CC-8EDA-775E54F00C05}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{8A4BBDD0-9BEF-4D06-BAC7-DEB30A844189}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8CC1C4C8-49AA-40FF-B663-5BC473AE4E68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{964BD781-A381-4A3F-9B2C-3F182119DB3A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AC470CF-35D5-4372-8A7F-C6D7A42F0B8B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9412F07-CCF2-4DC1-A9DF-DD618136C792}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA8CAFEC-80F7-46BB-887D-765F2D8495AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB828571-7E1D-429E-A775-BF497851D741}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9F25233-66B6-4805-BA92-DAEF3E1476B5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DA20CE0B-88AE-4181-99E0-DAF9F3D713A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC22353E-D74A-4DF2-8983-64100D1AC6DC}" = rport=445 | protocol=6 | dir=out | app=system |
"{E6F857F4-F8CC-4DEE-ACC5-258C97F0FE98}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ECC85A08-2FC0-4C38-8B78-C8BFE195F218}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE78A2AD-4BC1-4E5F-811A-F5E0D0669168}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDE35B0B-1243-49A9-9DB6-05F292B2005A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEDC3302-D325-4557-8214-740A83763A11}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FFDA85FE-B578-415C-A3D0-C1942DD846F0}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D435054-FFF5-4ED3-8FE3-6F14493380B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EFF2CD6-95AE-4CFE-86C1-C6625E28FBCE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{0FAAF0D3-A84C-4407-889F-FEEBC83422C7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{102964FD-D354-4C75-B3B6-917143957E11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{14D4B974-64AD-468C-A4B4-B0B7F1FED9CD}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{1A12E5B2-92D2-4D9D-8D5F-1391F78ADEB0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{244F88E3-7E97-4853-B399-C4E4A55322EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{2C836483-98D0-4E06-B58D-8679C0663307}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{49A02433-C623-4B76-96EF-835D9E62AA5B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{4F440836-0DEE-4A3E-9AFD-5A45304F7227}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{51604916-719B-4E9A-BFD1-215D35A386CD}" = protocol=6 | dir=out | app=system |
"{5181ED85-171B-407F-8EC9-4857F64C5220}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{55AA64BA-8578-4447-A424-E033140B7BEB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{59A72F1C-6BB9-40C6-A41E-8CAC86FF34EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6354DC0F-90A4-4B49-8201-FE88595B25BF}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{6A0993ED-92C2-4E55-913B-B862D0C8D0CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6B6EC289-BFE8-472A-89E2-18651CB0468F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6CC7E67B-BB12-428E-9F40-519079A7CF38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6FF28ADE-1063-4BF5-8177-C37F3E5FD6F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{72B12669-13AD-4FAD-86B4-A92E927C0678}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7AEB5B23-2893-4937-9A31-50218382AE22}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F804B6B-C011-49E7-8144-F0D9279D6C0A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{85FB5543-BEA9-4A9C-ABE4-0FC78E4D7014}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{96F52DC4-EE7B-43A0-9B51-FE929F1B283A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{A1F3D7CD-59BA-4E2F-A003-7087B990EB98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABD2E7BB-51A9-4A2C-BB80-C390EC211955}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{B78DE316-0C6F-4AC6-8BD2-AE7B2E6C563F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{BCE8838E-3BF9-48A1-A6A2-50222D41DAB0}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{BE912DDA-C3E3-4D61-9DB2-4E324F8B7AC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C10A9F66-A908-44D4-93FB-E6B05EADA5A8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5185F8B-BD8F-43A8-B097-8911897961D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C64F1175-AA51-4152-A27D-D454EBBE839E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA0C2AAC-06A2-45AF-8462-1CADF730002B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAF1FF23-7C92-47E7-A6F1-D234E8ACDCD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4B98057-03C4-4A2F-A6D1-800B62A4330B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{D587D193-E7E7-4456-BD20-C4F61A67BC4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{DA40F477-2BF2-4B2A-A55A-920A97F5665F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3EF89FF-DFE9-48BC-BB7C-F97F1B3BEB43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4976824-EE37-4372-9578-805C56749CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E524994A-D590-46E6-8CB2-E3F55B7975A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{E68B0E12-28ED-470F-9F62-FD0BF7CB91A9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{E97B98CB-74C5-43B7-AC52-032B7D948C0F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{EB18C2F4-FD46-4AE1-9D76-735CA242F093}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{F8A6A009-ADB5-49F7-81B6-98EC7C6CDBF1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F964B15C-AB49-4000-AE99-83E86FFB15A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{7AC31718-B67B-4408-8F31-981611A36960}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{E2CFA68F-2BF7-4C44-9DD2-B088B626B5F6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.84
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.81
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Foxit Reader" = Foxit Reader
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTomTom" = MyTomTom 3.2.0.1116
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"T-Mobile Communication Centre" = T-Mobile Internet Manager
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.11.2012 17:40:51 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 1.12.2012 13:31:23 | Computer Name = Honza-PC | Source = VSS | ID = 8194
Description =
Error - 2.12.2012 10:12:12 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 3.12.2012 17:51:45 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 4.12.2012 12:03:11 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 6.12.2012 6:15:38 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 7.12.2012 15:39:34 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 9.12.2012 13:29:05 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 14.12.2012 15:25:16 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 20.12.2012 12:17:54 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
[ System Events ]
Error - 12.10.2013 5:02:51 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 12.10.2013 5:04:25 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 12.10.2013 14:58:57 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 12.10.2013 15:00:01 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 13.10.2013 15:11:20 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 13.10.2013 15:12:05 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 13.10.2013 15:30:51 | Computer Name = Honza-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1C501349-9D92-2FB6-6C78-53ACC94F814A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 13.10.2013 15:31:36 | Computer Name = Honza-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1C501349-9D92-2FB6-6C78-53ACC94F814A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 14.10.2013 4:07:01 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 14.10.2013 4:08:54 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
< End of report >
OTL Extras logfile created on: 14.10.2013 10:28:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads\Nemazat antiviry
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
759,56 Mb Total Physical Memory | 317,28 Mb Available Physical Memory | 41,77% Memory free
1,85 Gb Paging File | 1,16 Gb Available in Paging File | 62,73% Paging File free
Paging file location(s): c:\pagefile.sys 1138 1138 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 33,11 Gb Total Space | 7,18 Gb Free Space | 21,68% Space Free | Partition Type: NTFS
Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01ACE15A-1462-4169-84A9-03FB7EFE2798}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D98BB46-B99A-4806-9158-4E7F97435595}" = lport=445 | protocol=6 | dir=in | app=system |
"{263C79F2-1A9A-4081-8752-77F06C88DFD4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CD0E5D0-9D61-496C-8D96-5E986C00F846}" = rport=137 | protocol=17 | dir=out | app=system |
"{2EED67C9-1178-41C0-9CDB-AB65DAEF3E1C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D81A861-A814-454D-A6C0-99BD81B24F0A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{41D99217-4C53-4775-A00A-54F95297869B}" = lport=139 | protocol=6 | dir=in | app=system |
"{46B2F019-2F41-4C2C-A6F6-B81B237069EC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{500ABC2E-01A0-431B-A005-2C4568670227}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5178F1D0-51BF-4710-A7EA-944A8935A95D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5BB9E3AF-E71F-4532-AFAD-9917095B6CE0}" = rport=139 | protocol=6 | dir=out | app=system |
"{60BB8E84-53D1-424B-B09F-8EC2835B38D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{6410D9FD-B691-46B8-B9CC-1EEE3B872EAF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6C11C370-57C5-4808-8443-8C27E2AAA483}" = rport=138 | protocol=17 | dir=out | app=system |
"{857AA5D3-4D7E-4966-BB2E-3F199D7426AF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A20EF87-8156-41CC-8EDA-775E54F00C05}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{8A4BBDD0-9BEF-4D06-BAC7-DEB30A844189}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8CC1C4C8-49AA-40FF-B663-5BC473AE4E68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{964BD781-A381-4A3F-9B2C-3F182119DB3A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AC470CF-35D5-4372-8A7F-C6D7A42F0B8B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9412F07-CCF2-4DC1-A9DF-DD618136C792}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA8CAFEC-80F7-46BB-887D-765F2D8495AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB828571-7E1D-429E-A775-BF497851D741}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9F25233-66B6-4805-BA92-DAEF3E1476B5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DA20CE0B-88AE-4181-99E0-DAF9F3D713A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC22353E-D74A-4DF2-8983-64100D1AC6DC}" = rport=445 | protocol=6 | dir=out | app=system |
"{E6F857F4-F8CC-4DEE-ACC5-258C97F0FE98}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ECC85A08-2FC0-4C38-8B78-C8BFE195F218}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE78A2AD-4BC1-4E5F-811A-F5E0D0669168}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDE35B0B-1243-49A9-9DB6-05F292B2005A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEDC3302-D325-4557-8214-740A83763A11}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FFDA85FE-B578-415C-A3D0-C1942DD846F0}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D435054-FFF5-4ED3-8FE3-6F14493380B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EFF2CD6-95AE-4CFE-86C1-C6625E28FBCE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{0FAAF0D3-A84C-4407-889F-FEEBC83422C7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{102964FD-D354-4C75-B3B6-917143957E11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{14D4B974-64AD-468C-A4B4-B0B7F1FED9CD}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{1A12E5B2-92D2-4D9D-8D5F-1391F78ADEB0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{244F88E3-7E97-4853-B399-C4E4A55322EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{2C836483-98D0-4E06-B58D-8679C0663307}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{49A02433-C623-4B76-96EF-835D9E62AA5B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{4F440836-0DEE-4A3E-9AFD-5A45304F7227}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{51604916-719B-4E9A-BFD1-215D35A386CD}" = protocol=6 | dir=out | app=system |
"{5181ED85-171B-407F-8EC9-4857F64C5220}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{55AA64BA-8578-4447-A424-E033140B7BEB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{59A72F1C-6BB9-40C6-A41E-8CAC86FF34EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6354DC0F-90A4-4B49-8201-FE88595B25BF}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{6A0993ED-92C2-4E55-913B-B862D0C8D0CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6B6EC289-BFE8-472A-89E2-18651CB0468F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6CC7E67B-BB12-428E-9F40-519079A7CF38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6FF28ADE-1063-4BF5-8177-C37F3E5FD6F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{72B12669-13AD-4FAD-86B4-A92E927C0678}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7AEB5B23-2893-4937-9A31-50218382AE22}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F804B6B-C011-49E7-8144-F0D9279D6C0A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{85FB5543-BEA9-4A9C-ABE4-0FC78E4D7014}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{96F52DC4-EE7B-43A0-9B51-FE929F1B283A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{A1F3D7CD-59BA-4E2F-A003-7087B990EB98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABD2E7BB-51A9-4A2C-BB80-C390EC211955}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{B78DE316-0C6F-4AC6-8BD2-AE7B2E6C563F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{BCE8838E-3BF9-48A1-A6A2-50222D41DAB0}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{BE912DDA-C3E3-4D61-9DB2-4E324F8B7AC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C10A9F66-A908-44D4-93FB-E6B05EADA5A8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5185F8B-BD8F-43A8-B097-8911897961D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C64F1175-AA51-4152-A27D-D454EBBE839E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA0C2AAC-06A2-45AF-8462-1CADF730002B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAF1FF23-7C92-47E7-A6F1-D234E8ACDCD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4B98057-03C4-4A2F-A6D1-800B62A4330B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{D587D193-E7E7-4456-BD20-C4F61A67BC4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{DA40F477-2BF2-4B2A-A55A-920A97F5665F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3EF89FF-DFE9-48BC-BB7C-F97F1B3BEB43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4976824-EE37-4372-9578-805C56749CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E524994A-D590-46E6-8CB2-E3F55B7975A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{E68B0E12-28ED-470F-9F62-FD0BF7CB91A9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{E97B98CB-74C5-43B7-AC52-032B7D948C0F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{EB18C2F4-FD46-4AE1-9D76-735CA242F093}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{F8A6A009-ADB5-49F7-81B6-98EC7C6CDBF1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F964B15C-AB49-4000-AE99-83E86FFB15A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{7AC31718-B67B-4408-8F31-981611A36960}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{E2CFA68F-2BF7-4C44-9DD2-B088B626B5F6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.84
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.81
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Foxit Reader" = Foxit Reader
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTomTom" = MyTomTom 3.2.0.1116
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"T-Mobile Communication Centre" = T-Mobile Internet Manager
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4247155528-3212375473-46874632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.11.2012 17:40:51 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 1.12.2012 13:31:23 | Computer Name = Honza-PC | Source = VSS | ID = 8194
Description =
Error - 2.12.2012 10:12:12 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 3.12.2012 17:51:45 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 4.12.2012 12:03:11 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 6.12.2012 6:15:38 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 7.12.2012 15:39:34 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 9.12.2012 13:29:05 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 14.12.2012 15:25:16 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
Error - 20.12.2012 12:17:54 | Computer Name = Honza-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.
[ System Events ]
Error - 12.10.2013 5:02:51 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 12.10.2013 5:04:25 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 12.10.2013 14:58:57 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 12.10.2013 15:00:01 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 13.10.2013 15:11:20 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 13.10.2013 15:12:05 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
Error - 13.10.2013 15:30:51 | Computer Name = Honza-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1C501349-9D92-2FB6-6C78-53ACC94F814A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 13.10.2013 15:31:36 | Computer Name = Honza-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1C501349-9D92-2FB6-6C78-53ACC94F814A},
protože jiný počítač v síti má stejný název. Server nelze spustit.
Error - 14.10.2013 4:07:01 | Computer Name = Honza-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error - 14.10.2013 4:08:54 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom
< End of report >
Re: Preventivní kontrola
Ten system ale moc legalni nebude, ze? 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
No comment 
Re: Preventivní kontrola
Pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512Mamlas01 píše:No comment
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Děkuji za váš ztracený čas.
Re: Preventivní kontrola
No neni samozrejme zac
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?