Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#31 Příspěvek od Ladislav Scholze »

Takže posílám log

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ladislav Scholze [Práva správce]
Mód : Kontrola -- Datum : 01/16/2013 19:20:22

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400BPVT-60HXZT1 +++++
--- User ---
[MBR] 4d03127019e76ee52d130522fc468cf0
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 587798 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1204426752 | Size: 17258 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1239771136 | Size: 5115 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 8d7c17ec0ab52f8d4bc5cb08cd1bc581
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 Mo
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167999488 | Size: 1001 Mo
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 171999232 | Size: 2000 Mo

+++++ PhysicalDrive1: Seagate Expansion USB Device +++++
--- User ---
[MBR] 44cf74389316a22363a2e2562fb35a2a
[BSP] ce204d5178e9d50ca000b45f63c7272e : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[6]_S_01162013_02d1920.txt >>
RKreport[1]_S_01102013_02d1719.txt ; RKreport[2]_D_01112013_02d0623.txt ; RKreport[3]_S_01112013_02d0624.txt ; RKreport[4]_D_01112013_02d0624.txt ; RKreport[5]_H_01112013_02d0626.txt ;
RKreport[6]_S_01162013_02d1920.txt
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#32 Příspěvek od Márty84 »

:arrow: Udelejte sken s AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#33 Příspěvek od Ladislav Scholze »

sken s AVPTool jsem provedl, ale žádný log to nevygenerovalo.

LS
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#34 Příspěvek od Márty84 »

A delal jste to podle navodu? Tam je napsano, jak log ulozit.



:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#35 Příspěvek od Ladislav Scholze »

Dobré ráno,

dělal jsem to podle návodu, ale výsledek je jak jsem psal.
Co se týče programu OTL i zde jsem postupoval dle Vašeho návodu a hlásí mi to: Nelze vytvořit soubor C: \ Users \ LADISLAV SCHOLZE \ Desktop \ cmd.bat
Tím veškerá činnost končí.

Hezký den
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#36 Příspěvek od Márty84 »

Obcas se to stane, ze OTL tuhle chybku vyhodi :roll:

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#37 Příspěvek od Ladislav Scholze »

Takže výsledek z OTL:

OTL logfile created on: 18.1.2013 7:31:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ladislav Scholze\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 47,30% Memory free
7,87 Gb Paging File | 5,61 Gb Available in Paging File | 71,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,02 Gb Total Space | 425,61 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 850,56 Gb Free Space | 91,31% Space Free | Partition Type: NTFS
Drive E: | 16,85 Gb Total Space | 2,55 Gb Free Space | 15,11% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 4,98 Gb Free Space | 99,83% Space Free | Partition Type: FAT32
Drive I: | 111,79 Gb Total Space | 6,25 Gb Free Space | 5,60% Space Free | Partition Type: NTFS

Computer Name: NTBLS01 | User Name: Ladislav Scholze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.17 06:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ladislav Scholze\Desktop\OTL.exe
PRC - [2013.01.08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.12.02 16:45:54 | 002,846,168 | ---- | M] (Mister Group) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe
PRC - [2012.01.10 15:16:38 | 000,675,872 | ---- | M] (Seznam.cz a.s.) -- C:\Program Files (x86)\Seznam.cz\bin\MiniBrowser.exe
PRC - [2012.01.10 15:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.03.29 01:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.02.12 04:07:16 | 000,820,048 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011.02.07 19:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011.02.01 09:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.01.28 23:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.18 21:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011.01.17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.12 19:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2011.01.07 04:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.08 01:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013.01.08 01:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013.01.08 01:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013.01.08 01:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013.01.08 01:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012.01.10 15:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 13:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 13:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\core.4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.03.28 07:44:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.02.12 04:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011.02.09 19:28:12 | 001,318,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2011.01.27 10:52:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.01.27 02:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011.01.27 00:01:00 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.01.22 03:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (HPSLPSVC)
SRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (hpqddsvc)
SRV:64bit: - [2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (hpqcxs08)
SRV:64bit: - [2009.03.03 11:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013.01.12 06:07:22 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.09 05:17:51 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.25 05:13:12 | 000,821,720 | ---- | M] (Mister Group) [On_Demand | Running] -- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe -- (SystemExplorerHelpService)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.07.20 13:37:54 | 000,206,336 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2011.04.05 19:13:46 | 001,094,712 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.03.29 01:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.03.07 21:48:10 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011.02.07 19:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011.02.03 23:09:18 | 000,464,480 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011.02.01 09:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.01.28 23:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.01.22 03:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011.01.18 21:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011.01.17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.12 19:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2011.01.07 04:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.07 04:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.11.29 20:10:32 | 000,210,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010.03.18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 19:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.12.19 14:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.06.11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 16:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 16:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.13 05:58:16 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.03.28 08:14:48 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.28 07:09:12 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.09 19:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011.02.07 15:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011.02.04 04:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.31 11:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.27 10:52:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.01.27 06:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.27 00:01:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.01.27 00:01:00 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.12 19:11:20 | 002,611,704 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2011.01.08 16:16:24 | 002,698,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.01.07 04:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.07 04:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.07 04:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.07 04:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.07 04:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.07 04:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.07 04:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.12.10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.12.03 01:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.11.30 17:32:38 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 21:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.12.30 09:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{431552E5-0BA3-4CE6-99AC-B3D923A03651}: "URL" = http://websearch.ask.com/redirect?clien ... CC8150AD60&
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{F3F1F401-D438-429B-B720-B98020CB43AA}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2481032
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://translate.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011.05.10 21:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.09.27 14:22:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 06:07:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.12 06:06:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 06:07:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.12 06:06:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ladislav Scholze\AppData\Roaming\IDM\idmmzcc3

[2012.04.15 07:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ladislav Scholze\AppData\Roaming\Mozilla\Extensions
[2013.01.12 07:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ladislav Scholze\AppData\Roaming\Mozilla\Firefox\Profiles\mlev00wi.default\extensions
[2013.01.12 07:21:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ladislav Scholze\AppData\Roaming\Mozilla\Firefox\Profiles\mlev00wi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.11.29 15:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\Ladislav Scholze\AppData\Roaming\Mozilla\Firefox\Profiles\mlev00wi.default\extensions\ftdownloader@ftdownloader.com.xpi
[2013.01.12 06:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.12 06:07:23 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.12.09 08:31:59 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.12.09 08:31:59 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.12.09 08:31:59 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.12.09 08:31:59 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.12.25 07:18:52 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2012.12.09 08:31:59 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Ladislav Scholze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ladislav Scholze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Ladislav Scholze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Full Screen Weather = C:\Users\Ladislav Scholze\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: Gmail = C:\Users\Ladislav Scholze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\Toolbar\WebBrowser: (no name) - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No CLSID value found.
O3 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [4-Day Forecast] C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001..\Run: [Seznam Postak] C:\Program Files (x86)\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001..\Run: [SystemExplorerAutoStart] C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group)
O4 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{333F1D5D-E9A3-46C3-BDDD-42907D27686B}: DhcpNameServer = 192.168.0.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF6701EF-25BE-4E15-9CB5-CA4350160CB7}: DhcpNameServer = 192.168.0.1 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.l3acm - C:\windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: vidc.XVID - C:\windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.01.17 06:12:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ladislav Scholze\Desktop\OTL.exe
[2013.01.16 20:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.16 17:28:41 | 005,022,302 | ---- | C] (Swearware) -- C:\Users\Ladislav Scholze\Desktop\ComboFix.exe
[2013.01.16 15:40:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.01.15 13:37:35 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013.01.15 13:04:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.15 13:03:44 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.01.15 10:35:31 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Roaming\Leadertech
[2013.01.12 06:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.12 05:48:20 | 000,147,456 | ---- | C] (Eric_71) -- C:\Users\Ladislav Scholze\Desktop\MbrScan.exe
[2013.01.11 06:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.01.10 17:18:58 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\Desktop\RK_Quarantine
[2013.01.10 17:11:49 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ladislav Scholze\Documents\mbam-setup-1.70.0.1100.exe
[2013.01.10 06:55:42 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Roaming\Malwarebytes
[2013.01.10 06:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.10 06:54:08 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Local\Programs
[2013.01.10 06:53:51 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ladislav Scholze\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.09 17:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.01.09 05:38:24 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013.01.09 05:38:24 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013.01.09 05:38:24 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013.01.09 05:38:24 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013.01.09 05:38:24 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013.01.09 05:38:24 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013.01.09 05:38:24 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013.01.09 05:38:23 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013.01.09 05:38:23 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013.01.09 05:38:23 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013.01.09 05:38:23 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013.01.09 05:38:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013.01.09 05:38:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013.01.09 05:38:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013.01.09 05:38:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013.01.09 05:38:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013.01.09 05:38:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013.01.09 05:38:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013.01.09 05:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013.01.09 05:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013.01.09 05:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013.01.09 05:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013.01.09 05:38:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013.01.09 05:38:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013.01.09 05:38:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013.01.09 05:38:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013.01.09 05:38:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013.01.09 05:38:21 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013.01.09 05:38:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013.01.09 05:38:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013.01.09 05:38:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013.01.09 05:38:21 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013.01.09 05:38:09 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.01.09 05:38:09 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013.01.09 05:37:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013.01.09 05:37:51 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013.01.09 05:37:34 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013.01.09 05:37:33 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013.01.09 05:37:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013.01.09 05:37:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013.01.09 05:37:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013.01.09 05:37:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013.01.09 05:37:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013.01.09 05:37:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.01.09 05:37:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013.01.09 05:37:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.01.09 05:37:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 05:37:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 05:37:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 05:37:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 05:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 05:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 05:37:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 05:37:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.01.09 05:37:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.01.09 05:37:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 05:37:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 05:37:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 05:37:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 05:37:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 05:37:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013.01.09 05:37:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.01.09 05:17:24 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2013.01.07 17:41:05 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\Documents\ArcSoft TotalMedia Studio
[2013.01.06 10:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.06 10:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.01.06 10:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.06 10:06:41 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.06 07:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemExplorer
[2013.01.06 07:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
[2013.01.06 07:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Explorer
[2013.01.03 20:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.01.01 09:29:36 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013.01.01 09:28:13 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.12.25 07:17:47 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Local\DownTango
[2012.12.25 07:17:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky
[2012.12.21 07:57:18 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012.12.21 07:57:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012.12.21 07:57:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012.12.21 07:57:16 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012.12.20 06:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012.12.20 06:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2012.12.19 14:47:20 | 000,204,200 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\VBoxNetFltNobj.dll
[2012.12.19 14:47:20 | 000,132,008 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\drivers\VBoxNetAdp.sys
[2012.12.19 07:46:48 | 000,000,000 | ---D | C] -- C:\Users\Ladislav Scholze\AppData\Local\PutLockerDownloader
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.01.18 07:33:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.18 07:30:49 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 07:30:49 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.18 07:29:04 | 001,578,106 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.18 07:29:04 | 000,666,896 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013.01.18 07:29:04 | 000,652,600 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.18 07:29:04 | 000,140,302 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013.01.18 07:29:04 | 000,121,274 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.18 07:24:01 | 000,002,255 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\Google Chrome.lnk
[2013.01.18 07:23:59 | 000,000,968 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.18 07:22:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.18 07:22:26 | 4226,138,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.17 07:42:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.17 06:59:00 | 000,000,972 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.17 06:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ladislav Scholze\Desktop\OTL.exe
[2013.01.16 20:36:11 | 152,221,232 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\setup_11.0.0.1245.x01_2013_01_16_21_42.exe
[2013.01.16 17:28:56 | 005,022,302 | ---- | M] (Swearware) -- C:\Users\Ladislav Scholze\Desktop\ComboFix.exe
[2013.01.12 05:49:43 | 000,000,512 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd1_DR1.mbr
[2013.01.12 05:49:42 | 000,000,512 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.old
[2013.01.12 05:49:42 | 000,000,512 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.mbr
[2013.01.12 05:48:22 | 000,147,456 | ---- | M] (Eric_71) -- C:\Users\Ladislav Scholze\Desktop\MbrScan.exe
[2013.01.11 06:40:33 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.10 17:18:31 | 000,764,416 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\RogueKiller.exe
[2013.01.10 06:53:57 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Ladislav Scholze\Documents\mbam-setup-1.70.0.1100.exe
[2013.01.10 06:53:57 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Ladislav Scholze\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.09 18:45:57 | 000,554,087 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\adwcleaner.exe
[2013.01.09 17:54:38 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.01.09 17:24:01 | 000,453,896 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.09 17:23:48 | 000,000,376 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForLadislav Scholze.job
[2013.01.09 08:01:11 | 001,557,328 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.01.09 05:17:50 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 05:17:50 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 05:17:33 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2013.01.06 07:17:53 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\System Explorer.lnk
[2013.01.05 09:32:27 | 000,000,123 | ---- | M] () -- C:\windows\wininit.ini
[2013.01.03 20:13:33 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.01.02 11:38:38 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.01.01 09:28:13 | 000,001,198 | ---- | M] () -- C:\Users\Ladislav Scholze\Desktop\Format Factory.lnk
[2012.12.19 14:47:20 | 000,204,200 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\VBoxNetFltNobj.dll
[2012.12.19 14:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\drivers\VBoxNetAdp.sys
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.17 06:16:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.16 20:31:36 | 152,221,232 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\setup_11.0.0.1245.x01_2013_01_16_21_42.exe
[2013.01.12 05:49:43 | 000,000,512 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd1_DR1.mbr
[2013.01.12 05:49:42 | 000,000,512 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.old
[2013.01.12 05:49:42 | 000,000,512 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.mbr
[2013.01.11 06:40:33 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.10 17:18:26 | 000,764,416 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\RogueKiller.exe
[2013.01.09 18:45:53 | 000,554,087 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\adwcleaner.exe
[2013.01.09 17:54:38 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.01.06 10:55:18 | 000,002,255 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\Google Chrome.lnk
[2013.01.06 10:54:25 | 000,000,972 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.06 10:54:25 | 000,000,968 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 07:17:53 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\System Explorer.lnk
[2013.01.05 09:32:27 | 000,000,123 | ---- | C] () -- C:\windows\wininit.ini
[2013.01.03 20:13:33 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.01.01 09:28:13 | 000,001,198 | ---- | C] () -- C:\Users\Ladislav Scholze\Desktop\Format Factory.lnk
[2013.01.01 08:56:46 | 000,000,376 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForLadislav Scholze.job
[2012.12.25 07:18:57 | 000,011,264 | ---- | C] () -- C:\windows\Launcher.exe
[2012.12.20 06:12:37 | 000,696,832 | ---- | C] () -- C:\windows\SysNative\xvidcore.dll
[2012.12.20 06:12:37 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2012.12.20 06:12:37 | 000,255,488 | ---- | C] () -- C:\windows\SysNative\xvidvfw.dll
[2012.12.20 06:12:37 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012.12.20 06:12:37 | 000,173,568 | ---- | C] () -- C:\windows\SysNative\xvid.ax
[2012.12.20 06:12:37 | 000,153,088 | ---- | C] () -- C:\windows\SysWow64\xvid.ax
[2012.11.12 10:04:31 | 000,223,667 | ---- | C] () -- C:\windows\hpoins18.dat
[2012.11.12 10:04:31 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2012.04.29 12:15:16 | 000,000,017 | ---- | C] () -- C:\Users\Ladislav Scholze\AppData\Local\resmon.resmoncfg
[2011.12.23 17:49:41 | 000,033,134 | ---- | C] () -- C:\Users\Ladislav Scholze\AppData\Roaming\UserTile.png
[2011.12.23 16:29:37 | 000,005,632 | ---- | C] () -- C:\Users\Ladislav Scholze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.14 04:32:35 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
[2011.10.22 19:28:52 | 000,019,918 | ---- | C] () -- C:\windows\Q-Dir.ini
[2011.08.26 06:05:43 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfecaf.sys
[2011.08.26 05:53:29 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.08.26 05:50:18 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.08.26 05:49:01 | 000,094,776 | ---- | C] () -- C:\windows\un_dext.exe
[2011.08.26 05:49:01 | 000,087,928 | ---- | C] () -- C:\windows\SPRemove_x64.exe
[2011.08.26 05:49:01 | 000,014,409 | ---- | C] () -- C:\windows\TWAIN2080.ini
[2011.08.26 05:49:01 | 000,003,648 | ---- | C] () -- C:\windows\Dext_36.ini
[2011.08.26 05:49:01 | 000,002,153 | ---- | C] () -- C:\windows\remove.ini
[2011.08.26 05:49:00 | 000,003,926 | ---- | C] () -- C:\windows\Dext_12.ini
[2011.08.26 05:49:00 | 000,003,892 | ---- | C] () -- C:\windows\Dext_27.ini
[2011.08.26 05:49:00 | 000,003,884 | ---- | C] () -- C:\windows\Dext_25.ini
[2011.08.26 05:49:00 | 000,003,882 | ---- | C] () -- C:\windows\Dext_21.ini
[2011.08.26 05:49:00 | 000,003,820 | ---- | C] () -- C:\windows\Dext_11.ini
[2011.08.26 05:49:00 | 000,003,802 | ---- | C] () -- C:\windows\Dext_14.ini
[2011.08.26 05:49:00 | 000,003,802 | ---- | C] () -- C:\windows\Dext_05.ini
[2011.08.26 05:49:00 | 000,003,704 | ---- | C] () -- C:\windows\Dext_10.ini
[2011.08.26 05:49:00 | 000,003,700 | ---- | C] () -- C:\windows\Dext_16.ini
[2011.08.26 05:49:00 | 000,003,682 | ---- | C] () -- C:\windows\Dext_08.ini
[2011.08.26 05:49:00 | 000,003,672 | ---- | C] () -- C:\windows\Dext_31.ini
[2011.08.26 05:49:00 | 000,003,624 | ---- | C] () -- C:\windows\Dext_1046.ini
[2011.08.26 05:49:00 | 000,003,622 | ---- | C] () -- C:\windows\Dext_20.ini
[2011.08.26 05:49:00 | 000,003,588 | ---- | C] () -- C:\windows\Dext_06.ini
[2011.08.26 05:49:00 | 000,003,586 | ---- | C] () -- C:\windows\Dext_22.ini
[2011.08.26 05:49:00 | 000,003,550 | ---- | C] () -- C:\windows\Dext_19.ini
[2011.08.26 05:49:00 | 000,003,550 | ---- | C] () -- C:\windows\Dext_07.ini
[2011.08.26 05:49:00 | 000,003,522 | ---- | C] () -- C:\windows\Dext_02.ini
[2011.08.26 05:49:00 | 000,003,492 | ---- | C] () -- C:\windows\Dext_24.ini
[2011.08.26 05:49:00 | 000,003,450 | ---- | C] () -- C:\windows\Dext_29.ini
[2011.08.26 05:49:00 | 000,003,416 | ---- | C] () -- C:\windows\Dext_01.ini
[2011.08.26 05:49:00 | 000,003,342 | ---- | C] () -- C:\windows\Dext_30.ini
[2011.08.26 05:49:00 | 000,003,220 | ---- | C] () -- C:\windows\Dext_09.ini
[2011.08.26 05:49:00 | 000,003,174 | ---- | C] () -- C:\windows\Dext_13.ini
[2011.08.26 05:49:00 | 000,002,850 | ---- | C] () -- C:\windows\Dext_04.ini
[2011.08.26 05:49:00 | 000,002,750 | ---- | C] () -- C:\windows\Dext_17.ini
[2011.08.26 05:49:00 | 000,002,674 | ---- | C] () -- C:\windows\Dext_18.ini
[2011.08.26 05:49:00 | 000,002,638 | ---- | C] () -- C:\windows\Dext_2052.ini
[2011.05.10 21:28:42 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfdcfd.sys
[2011.05.10 21:12:08 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\HPPA.ini
[2011.05.10 21:06:25 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfdchh.sys
[2011.05.10 20:40:54 | 001,557,328 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.03.28 20:10:12 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011.03.17 18:05:12 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.02.25 23:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2011.02.12 04:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011.02.12 04:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011.02.12 04:07:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011.02.12 04:04:36 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011.02.04 04:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011.02.03 23:09:24 | 000,366,176 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.02.03 04:49:02 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011.02.03 04:47:42 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2011.02.03 04:47:42 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2011.01.30 00:49:32 | 000,017,232 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
[2011.01.27 06:55:20 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.01.27 06:55:20 | 000,213,332 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.01.27 06:55:20 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011.01.22 20:40:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.12.17 23:07:27 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Ashampoo
[2011.11.21 17:35:08 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Canneverbe Limited
[2011.11.13 06:58:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DAEMON Tools Lite
[2011.10.20 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DigitalPersona
[2011.12.19 09:09:01 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DMCache
[2012.12.16 10:22:30 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Flood Light Games
[2013.01.17 01:11:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\FreeCommander
[2013.01.15 10:35:31 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Leadertech
[2012.10.29 18:06:18 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\LibreOffice
[2012.11.10 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Nokia
[2011.10.21 07:05:52 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\OpenOffice.org
[2012.09.27 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\PC Suite
[2012.12.05 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\PDF Writer
[2012.12.11 18:35:40 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Popisovac
[2011.12.10 11:42:35 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Publish Providers
[2011.10.22 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Q-Dir
[2012.10.10 18:38:28 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\SoftGrid Client
[2011.12.18 06:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Sony
[2011.10.20 16:50:58 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Synaptics
[2012.11.01 05:04:38 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Systweak
[2012.10.28 18:29:24 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\TP
[2011.10.29 05:57:41 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\WildTangent
[2012.11.12 10:22:11 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Windows Live Writer
[2013.01.12 06:37:10 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,624 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011.10.20 16:41:39 | 000,000,340 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForNTBLS01$.job
[2012.04.13 07:52:28 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.01.01 08:56:46 | 000,000,376 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForLadislav Scholze.job
[2013.01.06 10:54:25 | 000,000,968 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 10:54:25 | 000,000,972 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#38 Příspěvek od Ladislav Scholze »

druhá část

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.10.29 06:11:26 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.10.29 06:07:43 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.10.29 06:11:26 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.10.29 06:07:43 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.10.29 06:11:26 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.10.29 06:07:43 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.10.29 06:11:26 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.10.29 06:07:43 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.10.29 06:13:55 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.10.29 06:13:55 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.10.29 06:11:26 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.10.29 06:11:26 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\b0298e25856368497ed03e4c8c6c7474\*.tmp files -> C:\windows\SoftwareDistribution\Download\b0298e25856368497ed03e4c8c6c7474\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\deab066ce99613d184e5a249327f18e7\*.tmp files -> C:\windows\SoftwareDistribution\Download\deab066ce99613d184e5a249327f18e7\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\e3fa33a2a9cfba6be75e7186e03e98ee\*.tmp files -> C:\windows\SoftwareDistribution\Download\e3fa33a2a9cfba6be75e7186e03e98ee\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[4 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[4 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.10.27 16:30:15 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Adobe
[2013.01.07 17:40:54 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\ArcSoft
[2011.12.17 23:07:27 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Ashampoo
[2011.10.20 16:52:00 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\ATI
[2011.11.21 17:35:08 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Canneverbe Limited
[2011.11.13 06:58:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DAEMON Tools Lite
[2011.10.20 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DigitalPersona
[2011.12.19 09:09:01 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\DMCache
[2012.12.11 19:58:14 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\dvdcss
[2012.12.16 10:22:30 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Flood Light Games
[2013.01.17 01:11:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\FreeCommander
[2011.11.01 09:31:27 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Hewlett-Packard
[2012.11.12 10:27:24 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\HP
[2011.10.24 19:16:21 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\hpqLog
[2011.10.20 16:50:34 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Identities
[2011.10.20 16:51:00 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Intel Corporation
[2013.01.15 10:35:31 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Leadertech
[2012.10.29 18:06:18 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\LibreOffice
[2011.10.21 06:48:55 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Macromedia
[2013.01.10 06:55:42 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Malwarebytes
[2012.12.27 06:27:20 | 000,000,000 | --SD | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft
[2011.10.24 19:09:51 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Mozilla
[2012.11.10 18:16:29 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Nokia
[2011.10.21 07:05:52 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\OpenOffice.org
[2012.09.27 14:27:17 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\PC Suite
[2012.12.05 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\PDF Writer
[2012.12.11 18:35:40 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Popisovac
[2011.12.10 11:42:35 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Publish Providers
[2011.10.22 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Q-Dir
[2012.12.30 06:29:50 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Skype
[2012.10.10 18:38:28 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\SoftGrid Client
[2011.12.18 06:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Sony
[2011.10.20 16:50:58 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Synaptics
[2012.11.01 05:04:38 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Systweak
[2012.10.28 18:29:24 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\TP
[2013.01.17 07:44:49 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\vlc
[2011.10.29 05:57:41 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\WildTangent
[2012.11.12 10:22:11 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Windows Live Writer
[2012.05.29 15:21:38 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\WinRAR
[2013.01.12 06:37:10 | 000,000,000 | ---D | M] -- C:\Users\Ladislav Scholze\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.12.18 05:59:48 | 000,029,926 | R--- | M] () -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.09.27 14:45:05 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
[2012.09.27 14:45:05 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2012.09.27 14:45:05 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.09.27 14:45:06 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2012.09.27 14:45:06 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Ladislav Scholze\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.01.18 07:42:04 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.01.18 07:23:59 | 000,000,968 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.17 06:59:00 | 000,000,972 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.01.09 17:23:48 | 000,000,376 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForLadislav Scholze.job
[2012.11.28 22:12:58 | 000,000,340 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForNTBLS01$.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.18 07:25:39 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.03.04 21:37:46 | 000,000,721 | ---- | M] () -- \Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\HfxXML\Crackers.xml
[2010.03.04 21:37:46 | 000,000,738 | ---- | M] () -- \Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\HfxXML\FireCracker.xml
[2010.03.04 21:37:46 | 000,010,179 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\65 - Patriotic\FireCracker.hfx
[2010.03.04 21:37:46 | 000,008,201 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\70 - Foods\Crackers.hfx
[2010.03.04 21:45:04 | 001,543,882 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Food\Cracker.hfo
[2010.03.04 21:45:06 | 000,026,143 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker BAM.hfo
[2010.03.04 21:45:06 | 000,027,267 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker bottom.hfo
[2010.03.04 21:45:06 | 000,080,879 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker top.hfo
[2010.10.19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack Vx.wav
[2010.10.19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack.wav
[2010.10.19 13:32:06 | 000,597,884 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Hrající si děti\Bat Crack .wav
[2010.10.19 13:32:08 | 016,633,220 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Zimní radovánky\Crackling Hearth.wav

< *keygen* /s >

< *loader* /s >
[2009.11.19 03:40:08 | 000,076,288 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\Label Maker\uACM_Loader.dll
[2009.11.27 16:22:00 | 000,084,480 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\WebCam Companion 3\ASDownloader.exe
[2009.11.27 16:23:00 | 000,338,432 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\WebCam Companion 3\SnapFishUploader.dll
[2010.10.07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.02.03 03:32:08 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.01.25 11:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.01.25 11:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010.03.05 22:12:10 | 000,675,568 | ---- | M] () -- \Program Files (x86)\HP Games\HP Game Console\WTDownloader.exe
[2012.10.11 04:44:54 | 000,007,024 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.py
[2012.10.11 04:39:10 | 000,027,136 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.dll
[2012.10.11 04:48:32 | 000,000,171 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.ini
[2012.10.10 16:55:28 | 000,124,234 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libloader-1.1.6.jar
[2012.10.11 04:39:28 | 000,059,392 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\bin\javaloader.uno.dll
[2012.10.10 10:58:56 | 000,004,488 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\java\unoloader.jar
[2008.01.16 20:35:50 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\AxInterop.POILOADER_OCXLib.dll
[2008.01.16 20:35:52 | 000,024,576 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\back_POILoader.dll
[2008.01.16 20:35:50 | 000,005,632 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Interop.POILOADER_OCXLib.dll
[2008.03.13 20:55:42 | 000,000,458 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Loader.ini
[2008.02.20 15:01:32 | 000,000,435 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Loader.ini.bak
[2008.03.07 19:51:36 | 000,024,576 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader.dll
[2008.03.17 15:14:02 | 000,094,208 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoaderDataOper.dll
[2008.03.19 18:37:46 | 000,049,152 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoaderPanel.dll
[2008.03.14 17:30:22 | 000,000,448 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_Cfg.xml
[2008.02.19 16:32:26 | 000,909,312 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_OCX.ocx
[2007.12.27 09:42:46 | 000,001,936 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_OCX.tlb
[2 \Program Files (x86)\Mio Technology\MioMore Desktop\*.tmp files -> \Program Files (x86)\Mio Technology\MioMore Desktop\*.tmp -> ]
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0405.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.040E.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0415.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0418.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0419.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.041B.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.041F.MUI
[2008.03.04 19:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0809.MUI
[2012.06.26 11:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2011.01.17 15:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.10.21 07:01:26 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 16:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.10.21 07:01:30 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 11:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2010.10.07 03:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.07.10 10:33:04 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2012.06.05 13:35:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2012.07.13 12:59:04 | 000,102,824 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2012.07.13 12:59:16 | 000,016,808 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2012.07.13 12:59:54 | 000,019,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program64\WICLoader.exe
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.12.11 21:02:38 | 000,000,747 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\css\online_loader.css
[2011.12.11 21:02:37 | 000,000,640 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2011.12.11 21:02:37 | 000,002,068 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2011.12.11 21:02:37 | 000,012,527 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2011.12.11 21:02:38 | 000,003,194 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\js\online_loader.js
[2011.12.11 21:02:38 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,083 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,241 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\swf\loader_web.swf
[2011.12.11 21:02:38 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\swf\loader_web.swf
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2011.12.11 21:02:37 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,199 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,515 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\swf\loader_web.swf
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,031 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,665 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,143 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,545 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,186 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,368 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,160 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,054 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\pt\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,210 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,581 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2011.12.11 21:02:43 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,111 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,092 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2011.12.11 21:02:44 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2011.12.11 21:02:38 | 000,002,778 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,219 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.12.11 21:02:38 | 000,000,747 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\css\online_loader.css
[2011.12.11 21:02:37 | 000,000,640 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2011.12.11 21:02:37 | 000,002,068 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2011.12.11 21:02:37 | 000,012,527 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2011.12.11 21:02:38 | 000,003,194 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\js\online_loader.js
[2011.12.11 21:02:38 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,083 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,241 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\swf\loader_web.swf
[2011.12.11 21:02:38 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\swf\loader_web.swf
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\Online_Loader.html
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2011.12.11 21:02:37 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,199 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,515 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\swf\loader_web.swf
[2011.12.11 21:02:39 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,031 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,665 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\Online_Loader.html
[2011.12.11 21:02:37 | 000,003,143 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2011.12.11 21:02:37 | 000,003,545 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,186 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,368 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,160 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,054 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2011.12.11 21:02:41 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\pt\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,210 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,581 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2011.12.11 21:02:43 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\Online_Loader.html
[2011.12.11 21:02:38 | 000,003,111 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,092 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2011.12.11 21:02:44 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2011.12.11 21:02:38 | 000,002,778 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2011.12.11 21:02:38 | 000,003,219 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2008.11.10 22:39:16 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2011.11.13 05:59:15 | 000,057,728 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.11.13 05:59:16 | 000,057,728 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.11.13 05:59:16 | 000,057,728 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.11.13 05:59:16 | 000,057,728 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.11.13 05:59:16 | 000,057,728 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.11.13 05:59:17 | 000,061,770 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.11.13 05:59:17 | 000,061,770 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.11.29 15:47:10 | 000,197,580 | ---- | M] () -- \Users\Ladislav Scholze\AppData\Roaming\Mozilla\Firefox\Profiles\mlev00wi.default\extensions\ftdownloader@ftdownloader.com.xpi
[2008.07.02 06:26:42 | 002,749,311 | ---- | M] () -- \Users\Ladislav Scholze\Music\Clapton Eric_2000_Most Famous Hits - The Album. CD1\Freight Loader.mp3
[2010.03.24 19:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\SysWOW64\INLOADER.DLL
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.10 21:11:42 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.05.10 21:11:42 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.05.10 21:11:42 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.05.10 21:11:42 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.05.10 21:11:42 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.30 05:50:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.30 05:50:59 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.30 05:50:59 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.30 05:50:59 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.30 05:51:00 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.05.10 21:09:14 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#39 Příspěvek od Ladislav Scholze »

třetí část:

< *serial* /s >
[2012.10.10 16:55:28 | 000,021,761 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libserializer-1.1.6.jar
[2012.04.11 00:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.21 14:04:59 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.01.27 01:35:02 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2012.04.11 03:37:58 | 000,434,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.05.21 14:05:26 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.09.20 10:53:30 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.09.20 10:53:30 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2008.09.04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.09.04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.09.04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.09.04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.09.04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2011.05.10 21:11:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.09 17:31:59 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.09 17:31:14 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.09 17:32:19 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.09 17:27:36 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 06:03:51 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 06:04:17 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.01.10 06:06:21 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.01.10 08:44:46 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.01.10 08:45:56 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 08:48:56 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.01.09 07:58:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.09 07:58:26 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.09 07:58:31 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 21:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 21:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 21:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 21:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.10.05 21:09:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ar-sa_da66fe5d47789091.manifest
[2012.10.05 21:03:20 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_da-dk_622a3c9da1a8c4d8.manifest
[2012.10.05 19:10:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_de-de_626f1d4da174828e.manifest
[2012.10.05 21:02:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_el-gr_8f546afdbfc776f0.manifest
[2012.10.05 20:54:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_es-es_8f50994bbfc949f4.manifest
[2012.10.05 21:02:40 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fi-fi_bd1d8c79dd71129a.manifest
[2012.10.05 19:08:58 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fr-fr_bcc53fc7ddb1f222.manifest
[2012.10.05 21:01:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_he-il_17cecb28196cb924.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_hu-hu_177d7e9619a74ce6.manifest
[2012.10.05 21:12:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_it-it_44f22512378ff514.manifest
[2012.10.05 20:11:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ja-jp_7275361e55708151.manifest
[2012.10.05 20:10:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ko-kr_9fd8712c7363f96b.manifest
[2012.10.05 21:02:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nb-no_282c61bccd26f48f.manifest
[2012.10.05 21:12:15 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nl-nl_2856d464cd059e22.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pl-pl_832c821908e5590e.manifest
[2012.10.05 20:51:35 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-br_82f38a4d090ef34a.manifest
[2012.10.05 21:12:12 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-pt_82de0509091f034e.manifest
[2012.10.05 21:03:52 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ru-ru_dda9e31b4505f382.manifest
[2012.10.05 21:12:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_sv-se_0bc2b8ff62732b3f.manifest
[2012.10.05 21:12:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_tr-tr_389cffb580d00e96.manifest
[2012.10.05 20:15:11 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-cn_493f19f4345813af.manifest
[2012.10.05 20:15:20 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-tw_48ddeaee34a0debf.manifest
[2012.10.05 20:54:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ar-sa_c395599f61238589.manifest
[2012.10.05 20:54:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_da-dk_4b5897dfbb53b9d0.manifest
[2012.10.05 18:58:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_de-de_4b9d788fbb1f7786.manifest
[2012.10.05 20:53:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_el-gr_7882c63fd9726be8.manifest
[2012.10.05 20:48:11 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_es-es_787ef48dd9743eec.manifest
[2012.10.05 20:52:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fi-fi_a64be7bbf71c0792.manifest
[2012.10.05 19:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fr-fr_a5f39b09f75ce71a.manifest
[2012.10.05 20:54:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_he-il_00fd266a3317ae1c.manifest
[2012.10.05 20:59:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_hu-hu_00abd9d8335241de.manifest
[2012.10.05 20:59:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_it-it_2e208054513aea0c.manifest
[2012.10.05 20:01:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ja-jp_5ba391606f1b7649.manifest
[2012.10.05 20:03:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ko-kr_8906cc6e8d0eee63.manifest
[2012.10.05 20:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nb-no_115abcfee6d1e987.manifest
[2012.10.05 21:00:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nl-nl_11852fa6e6b0931a.manifest
[2012.10.05 21:00:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pl-pl_6c5add5b22904e06.manifest
[2012.10.05 20:48:47 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-br_6c21e58f22b9e842.manifest
[2012.10.05 21:00:41 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-pt_6c0c604b22c9f846.manifest
[2012.10.05 20:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ru-ru_c6d83e5d5eb0e87a.manifest
[2012.10.05 21:00:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_sv-se_f4f114417c1e2037.manifest
[2012.10.05 21:00:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_tr-tr_21cb5af79a7b038e.manifest
[2012.10.05 20:03:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-cn_326d75364e0308a7.manifest
[2012.10.05 20:03:53 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-tw_320c46304e4bd3b7.manifest
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.05.10 21:11:09 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.05.10 21:11:09 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.05.10 21:11:14 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.05.10 21:11:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2011.05.10 21:14:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_hr-hr_d6754bf9bc719d3c\serialui.dll.mui
[2011.05.10 21:03:52 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2011.05.10 21:06:59 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sl-si_d5045cae2b0f2835\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.05.10 21:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.05.10 21:11:19 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.10.30 05:49:26 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.30 05:49:26 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.05.10 21:11:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.05.10 21:11:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.05.10 21:10:21 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.05.10 21:11:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.05.10 21:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.05.10 21:11:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.05.10 21:11:09 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2011.05.10 21:14:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_hr-hr_7a56b07604142c06\serialui.dll.mui
[2011.05.10 21:03:53 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2011.05.10 21:07:00 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sl-si_78e5c12a72b1b6ff\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.05.10 21:11:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#40 Příspěvek od Ladislav Scholze »

Další soubor

OTL Extras logfile created on: 18.1.2013 7:31:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ladislav Scholze\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 47,30% Memory free
7,87 Gb Paging File | 5,61 Gb Available in Paging File | 71,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,02 Gb Total Space | 425,61 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 850,56 Gb Free Space | 91,31% Space Free | Partition Type: NTFS
Drive E: | 16,85 Gb Total Space | 2,55 Gb Free Space | 15,11% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 4,98 Gb Free Space | 99,83% Space Free | Partition Type: FAT32
Drive I: | 111,79 Gb Total Space | 6,25 Gb Free Space | 5,60% Space Free | Partition Type: NTFS

Computer Name: NTBLS01 | User Name: Ladislav Scholze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032676EA-7901-4337-AE8A-DDADBAB03C45}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{047D7A99-FBDA-4946-9A25-C93DC2C5E547}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0846E946-885D-4D4B-84E6-B49A431511AD}" = lport=445 | protocol=6 | dir=in | app=system |
"{08BE685A-84FE-407D-AC8D-F0B6AD2FB285}" = rport=137 | protocol=17 | dir=out | app=system |
"{0D4AEE8D-E2EF-4DBE-A001-9D7F3DEDD378}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{10AFF0F8-A3B2-4CAC-A40B-C46FAA2DBE0B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{12D88236-F27E-4FC6-9F00-814FDA2167D3}" = lport=139 | protocol=6 | dir=in | app=system |
"{12FBC5CA-0FBC-487A-8D29-2E321BBEE94D}" = lport=137 | protocol=17 | dir=in | app=system |
"{1D3EC911-FC98-415F-AA2F-8DE49DBDB603}" = rport=139 | protocol=6 | dir=out | app=system |
"{216A2C1A-42C8-4AD5-8C0D-528C973F6C59}" = lport=138 | protocol=17 | dir=in | app=system |
"{22086038-820B-4710-BDE6-C924A8449EF8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31173C40-E916-4A35-910F-8266F5C9CD75}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3AEE4EDA-2DE7-4E4A-BA99-B9B464A86DCF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CB98494-F06E-485A-9D51-4FCF9F7C5BF6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41809AED-AF9A-42C4-BC50-02BF08107E6C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4958B420-E46D-4F7C-A0DC-5B4ED79F4765}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B6AA934-4677-4BEE-B4B4-22EE8180BA10}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6AC308A8-C12C-4BE4-BBD0-281A7B89617B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76A96A68-8044-4FDD-9839-11998094B2FA}" = rport=445 | protocol=6 | dir=out | app=system |
"{7D134BE8-0826-4ABA-BD2E-4837BC99E379}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7EFF1B5A-205B-4345-8D7B-B8D2A6BF2FE7}" = rport=138 | protocol=17 | dir=out | app=system |
"{83579F73-F8D4-4669-BE84-9151C15D7A69}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{88A25E2D-D173-462E-9271-0D3E0B516313}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D1C27A1-D39E-46B5-8E42-1E077251D0D3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E381027-8B55-4804-9F7E-95B7D922BA1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BD51D91-5A2D-4139-B361-3EA316ABE6F9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9C70341A-FC84-4F8A-9354-4A6F4DC2F29E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9B50B6A-A61E-4A64-8398-9F7DD90A7A5E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AED206AF-2287-4BA3-9A4E-4C51FFF02A12}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B002B662-D476-4B7D-AB60-BB38F855472B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CCC8C6A4-4B5F-4C2B-9F05-3878D31CEA06}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF9D2880-1FAF-4F7A-8886-DBA9099F11EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{ED3E14D5-9B42-4116-8537-B6C9D959F6E3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F17BF9D5-6481-4D28-8C25-45BE60B7C21C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0487BD24-8F1E-49C7-B7C2-337D3B998F63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{208E3AE4-A357-4959-AA49-659206EBA9E8}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{222E78D8-DAFE-4102-B9E0-E2CA10AE862E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2F655E14-8DDB-455F-8AA1-D4FDAB3C046F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3236E784-E6CF-4E53-A0BC-F96CF4BBD5CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43F8722F-29BF-4F57-B229-F63D7E38A3E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{499A28F6-F324-41D3-B40A-A22C96F2B45A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6477D5A2-55AC-4378-9291-EDD2CAC050E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6778CBA0-B567-478A-9BFC-D36F7A78A336}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{68283F95-CBE0-47C1-8A3B-16A8BF983CB1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D36E0E6-DDFB-4F8B-8741-3AD0DE101FA9}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{7B94AA3E-FB13-40BE-85A3-A35B5BB4FEF0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{89BEB28E-8D68-4C44-AF50-F666B197CAB7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B13A18D-94DA-4D10-9A44-9B3A19BAB3A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{924DCC51-67C0-423E-AF36-DBF3C62B1673}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92D9DCAF-E339-4CA4-AB8C-63E28F3597C7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{A3108B2A-FCC3-450B-9E19-D4DBD0525044}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A5218EF0-70AB-4949-88B1-D32366D60B8F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AE696EAB-DB2B-4A49-9A93-4CF8F13451CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C0A9A265-82BB-4490-BACB-A3C54D3B11C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C298CD5F-557E-4C2A-80A3-C530AD56E6DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA7779FE-F7D5-4053-8CE9-0752860BCC26}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{CB8B630E-BBB2-43A2-B1A8-439A860E6455}" = protocol=6 | dir=out | app=system |
"{CDAE9F67-E531-4F69-B92B-99D866583F0C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D0E07E23-928F-4EEC-87C8-FBD5CCA7F982}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3147EA0-9EAB-423E-B689-D303107228B0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D4D7754C-8D87-480B-AFF8-246BA6CB3390}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{E2BC12ED-C5C8-48F4-8DCF-1B63D94DAB31}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EFE78C0F-A8D4-4891-95B5-64FF6E45F2C9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F6497C17-2075-4BD4-9725-BEC7EEB2C9AC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FEAB1018-D463-447E-84B8-69470368EADE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{555ECC75-AB3B-6434-8900-2BBA4F91F107}" = ccc-utility64
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63E42DE7-C468-31B0-E373-173C67C87B88}" = ATI Catalyst Install Manager
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{7D1C63D1-6520-49DA-B738-958133526E80}" = HP HotKey Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83DA38AB-1014-41C2-A3CD-E2B93832A71A}" = HP 3D DriveGuard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}" = WMV9/VC-1 Video Playback
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"CCleaner" = CCleaner
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PCSU-SL_is1" = Zrychleni Pocitace - Kompletně odinstalovat
"Recuva" = Recuva
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 8.2.0.1406
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08F10409-00BB-8843-4813-37FDDD972CB1}" = CCC Help Chinese Standard
"{08FB6F00-7D8D-5474-B70D-607638405BEB}" = CCC Help Korean
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{12379137-5A34-8311-A00C-4571E468F507}" = CCC Help Polish
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{1392513C-F92A-2893-E263-071E943CB4B8}" = Catalyst Control Center InstallProxy
"{1529490E-DC67-A7DA-E7FE-789B929E67F0}" = CCC Help Norwegian
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2C43790E-8470-1027-82D3-DF319F3C410F}" = Intel(R) Identity Protection Technology 1.0.71.0
"{2E07A6AE-C2EC-05DB-8344-B562E5D9E341}" = CCC Help Swedish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F16E8D3-71D7-41A5-975E-4D94FA4811DF}" = LibreOffice 3.6
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E918CE9-BDA6-282D-0E19-E11DF8004ABE}" = CCC Help Thai
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1" = System Explorer 4.0.0
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4114A073-7385-4742-8A5E-A5788FAC838F}" = ArcSoft TotalMedia
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4441B01C-0AF2-6EE7-CDB3-AD0DB41E7147}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B21E4B2-89B8-499D-803A-34ABF929401E}" = HP Connection Manager
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}" = HP System Default Settings
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{668643A5-48DD-B0E9-62E1-1FDA18D54F66}" = CCC Help Finnish
"{6712B795-DCB1-473F-908E-43DAB21E4CE0}" = STORMWARE POHODA Start CZ
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{69EA3784-E961-76A2-6C11-7B83AA50E56A}" = CCC Help Czech
"{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}" = HP Documentation
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{71543470-E3F8-6A06-08C8-783CD286D2BA}" = CCC Help German
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{76BAC71B-00A7-BBFA-5DAE-EEB0DF9F4098}" = CCC Help English
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7CF1347C-61F6-C495-127C-912FD6CB432D}" = CCC Help Japanese
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}" = PX Profile Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85BE1D9F-FC67-E84E-F73A-BC7125E3B717}" = CCC Help Portuguese
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.SingleImage_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1EFCBD2-B171-E24D-FAD2-4E711A312DEF}" = CCC Help Danish
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AB9F8790-4ECB-1BFA-1B80-21DCD40664C3}" = CCC Help Greek
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AE6BF609-EF6A-8764-85EE-6CC65602D88E}" = CCC Help Chinese Traditional
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B17C38D4-36B6-4941-BD24-917AA8092E84}" = 4-Day Forecast
"{B26B64E8-DB83-7904-2DF9-F92A7ABC14D9}" = Catalyst Control Center Localization All
"{B3E31950-C92F-BCD9-963D-A520887A262A}" = CCC Help Turkish
"{B6D8A751-F5E6-11E0-9DE8-005056C00008}" = MSVCRT Redists
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}" = HP Software Framework
"{BC7BED89-618B-4E89-8ADF-75D47F276223}" = Pinnacle Studio 15 Ultimate Collection Plugins
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE211EBE-AC92-515C-D122-A9DD0BC9FFA9}" = Catalyst Control Center
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6CD49BC-E6A5-F247-0489-F3188F300A8E}" = Catalyst Control Center Profiles Mobile
"{C7C60D93-E5B7-82D7-44A4-E3EE404B56A3}" = CCC Help Dutch
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CBD548E9-E421-7B51-5732-2F63B37589E2}" = CCC Help French
"{CD6A498E-0FF5-49CE-A70C-2D342E68E709}" = MioMore Desktop
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC1988A-F492-4BC5-B6F7-683A95718AE9}" = HP ESU for Microsoft Windows 7
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7922D23-642E-0649-A3C9-38F9E0FA263E}" = CCC Help Russian
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF63FA79-75AE-45D6-715E-81E92F134702}" = CCC Help Italian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2531547-0789-690E-9F12-3EDBDBC64DA8}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F07E6C5F-6AE1-72B3-8659-08E2ABB86DF8}" = Catalyst Control Center Graphics Previews Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC030CB5-46A6-4229-AD6E-0AC869F509C8}" = Pinnacle Studio Bonus Content
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.00
"Foxit Reader_is1" = Foxit Reader
"FreeCommander_is1" = FreeCommander 2009.02b
"Freeraser" = Freeraser
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Magic Bullet Looks Studio 15" = Magic Bullet Looks Studio 15
"Mozilla Firefox 18.0 (x86 cs)" = Mozilla Firefox 18.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My HP Game Console" = HP Game Console
"Nokia PC Suite" = Nokia PC Suite
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Office14.SingleImage" = Microsoft Office 2010 pro studenty a domácnosti
"PDF Complete" = PDF Complete Special Edition
"Q-Dir" = Q-Dir
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"Revo Uninstaller" = Revo Uninstaller 1.94
"stax-Pinnacle_is1" = SureThing Express Labeler
"Sunplus SPUVCb" = HP HD Webcam [Fixed]
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Trapcode 3DStroke Studio 15" = Trapcode 3DStroke Studio 15
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio 15" = Trapcode Shine Studio 15
"VIP Access SDK" = VIP Access SDK x64(1.0.0.50)
"VLC media player" = VLC media player 2.0.5
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087343" = Dora's World Adventure
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087501" = Plants vs. Zombies
"WT089299" = Mystery P.I. - The London Caper
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089451" = World Cup Cricket 20-20
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"XobniMain" = Xobni
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Zoner Photo Map - ČR a SR 1:100 000_is1" = Zoner Photo Map - ČR a SR 1:100 000

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.11.2012 5:37:00 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program SDShred.exe verze 1.0.2.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
17e4 Čas spuštění: 01cdc314830ec163 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Spybot - Search & Destroy\SDShred.exe ID hlášení: ec5750a5-2f07-11e2-a676-d0df9a91cc02


Error - 27.11.2012 0:47:39 | Computer Name = NTBLS01 | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Excel: Rejected Safe Mode action : V aplikaci Excel došlo
k závažnému problému s doplňkem privacy manager add-in. Pokud se tato zpráva zobrazila
vícekrát, měli byste tento doplněk zakázat a zjistit, zda je k dispozici aktualizace.
Chcete tento doplněk zakázat?.

Error - 4.12.2012 1:20:53 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program soffice.bin verze 3.6.3.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1464 Čas spuštění: 01cdd1de9edf607d Čas ukončení: 5 Cesta k aplikaci: C:\Program Files
(x86)\LibreOffice 3.6\program\soffice.bin ID hlášení: 59c29432-3dd2-11e2-8c2e-d0df9a91cc02


Error - 5.12.2012 0:55:05 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program hpiscnapp.exe verze 13.0.0.131 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
199c Čas spuštění: 01cdd2a46fba618a Čas ukončení: 17 Cesta k aplikaci: C:\Program
Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe ID hlášení: da6bd824-3e97-11e2-8c2e-d0df9a91cc02


Error - 11.12.2012 14:45:56 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program Popisovac.exe verze 4.2.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
8c10 Čas spuštění: 01cdd7c5f027e721 Čas ukončení: 23 Cesta k aplikaci: C:\Program
Files (x86)\Popisovač CD-DVD 4\Popisovac.exe ID hlášení: f3334f9b-43c2-11e2-91af-d0df9a91cc02


Error - 13.12.2012 2:47:17 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program SDShred.exe verze 1.0.2.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
850 Čas spuštění: 01cdd8fc8bac16a7 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Spybot - Search & Destroy\SDShred.exe ID hlášení: dc8d4a83-44f0-11e2-928e-d0df9a91cc02


Error - 13.12.2012 3:21:07 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program SDShred.exe verze 1.0.2.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
ee0 Čas spuštění: 01cdd8fff28c1670 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Spybot - Search & Destroy\SDShred.exe ID hlášení: 9671164c-44f5-11e2-928e-d0df9a91cc02


Error - 17.12.2012 0:56:15 | Computer Name = NTBLS01 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: POWERPNT.EXE, verze: 14.0.6009.1000, časové
razítko: 0x4cc1a4ed Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x90900000 ID chybujícího procesu:
0x1740 Čas spuštění chybující aplikace: 0x01cddc123e4fa665 Cesta k chybující aplikaci:
C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE Cesta k chybujícímu modulu: unknown ID
zprávy: 156deed1-4806-11e2-b562-d0df9a91cc02

Error - 17.12.2012 1:11:37 | Computer Name = NTBLS01 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdf25 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000002d87
ID
chybujícího procesu: 0x1424 Čas spuštění chybující aplikace: 0x01cddc0f3f5413de Cesta
k chybující aplikaci: C:\windows\Explorer.EXE Cesta k chybujícímu modulu: C:\windows\system32\DUI70.dll
ID
zprávy: 3b2ef4f6-4808-11e2-b562-d0df9a91cc02

Error - 19.12.2012 3:34:30 | Computer Name = NTBLS01 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: HPDayStarterService.exe, verze: 2.0.0.12,
časové razítko: 0x4d42d67a Název chybujícího modulu: mfc90u.dll, verze: 9.0.30729.6161,
časové razítko: 0x4dad06e1 Kód výjimky: 0x40000015 Posun chyby: 0x0005d37c ID chybujícího
procesu: 0x85c Čas spuštění chybující aplikace: 0x01cddda0f4adf9de Cesta k chybující
aplikaci: c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
Cesta
k chybujícímu modulu: C:\windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
ID
zprávy: 8612c907-49ae-11e2-8fc8-d0df9a91cc02

Error - 20.12.2012 1:32:40 | Computer Name = NTBLS01 | Source = Application Hang | ID = 1002
Description = Program Studio.exe verze 15.0.0.7593 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e00 Čas spuštění: 01cdde73445f6451 Čas ukončení: 10 Cesta k aplikaci: C:\Program Files
(x86)\Pinnacle\Studio 15\Programs\Studio.exe ID hlášení: a4f9b318-4a66-11e2-907e-d0df9a91cc02


[ Hewlett-Packard Events ]
Error - 30.6.2012 2:50:38 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 4.7.2012 3:10:26 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 9.7.2012 8:47:05 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.7.2012 2:27:35 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 11.7.2012 3:26:41 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 20.7.2012 0:27:52 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 29.7.2012 23:54:20 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 31.7.2012 0:19:48 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

Error - 1.8.2012 1:53:30 | Computer Name = NTBLS01 | Source = HPSFMsgr.exe | ID = 2000
Description = HP Error ID: -2147467261 v HPSA_Messenger.MessengerPopUpWindow.btnStackPopUp_Click(Object
sender, RoutedEventArgs e) Message: Odkaz na objekt není nastaven na instanci objektu.
StackTrace:
v HPSA_Messenger.MessengerPopUpWindow.btnStackPopUp_Click(Object sender, RoutedEventArgs
e) Source: HPSFMsgr Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format:
cs-CZ RAM: 4030 Ram Utilization: 40 TargetSite: Void btnStackPopUp_Click(System.Object,
System.Windows.RoutedEventArgs)

Error - 5.8.2012 2:07:53 | Computer Name = NTBLS01 | Source = HPSF.exe | ID = 4000
Description =

[ HP Connection Manager Events ]
Error - 9.1.2013 3:00:39 | Computer Name = NTBLS01 | Source = hpCMSrv | ID = 5
Description = 2013/01/09 08:00:39.402|00000214|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 9.1.2013 3:01:03 | Computer Name = NTBLS01 | Source = hpCMSrv | ID = 5
Description = 2013/01/09 08:01:03.769|00000214|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 9.1.2013 3:01:19 | Computer Name = NTBLS01 | Source = hpCMSrv | ID = 5
Description = 2013/01/09 08:01:19.213|00000214|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 9.1.2013 3:01:39 | Computer Name = NTBLS01 | Source = hpCMSrv | ID = 5
Description = 2013/01/09 08:01:39.400|00000214|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 9.1.2013 3:01:50 | Computer Name = NTBLS01 | Source = hpCMSrv | ID = 5
Description = 2013/01/09 08:01:50.101|00000214|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 14.1.2013 17:11:48 | Computer Name = NTBLS01 | Source = hpMobile | ID = 5
Description = 2013.01.14 22:11:47.719|00001084|Error |[HP.Mobile]NamedPipe::SendStringToServer{bool(string)}|Timeout
sending to server

Error - 14.1.2013 17:11:48 | Computer Name = NTBLS01 | Source = hpMobile | ID = 5
Description = 2013.01.14 22:11:48.732|00001084|Error |[HP.Mobile]NamedPipe::SendStringToServer{bool(string)}|Timeout
sending to server

Error - 14.1.2013 17:12:00 | Computer Name = NTBLS01 | Source = hpMobile | ID = 5
Description = 2013.01.14 22:12:00.715|000016E0|Error |[HP.Mobile]NamedPipe::SendStringToServer{bool(string)}|Timeout
sending to server

Error - 14.1.2013 17:12:00 | Computer Name = NTBLS01 | Source = hpMobile | ID = 5
Description = 2013.01.14 22:12:00.993|000016E0|Error |[HP.Mobile]NamedPipe::SendStringToServer{bool(string)}|Timeout
sending to server

Error - 16.1.2013 2:46:46 | Computer Name = NTBLS01 | Source = hpMobile | ID = 5
Description = 2013.01.16 07:46:46.431|00000CD0|Error |[HP.Mobile]NamedPipe::SendStringToServer{bool(string)}|Timeout
sending to server

[ HP Power Assistant Events ]
Error - 10.1.2013 0:30:02 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 10.1.2013 0:43:54 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 0:43:54 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 0:43:55 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 10.1.2013 12:11:06 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 12:11:06 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 12:11:06 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 10.1.2013 12:18:21 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 12:18:21 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Nelze načíst soubor nebo sestavení CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097 nebo jeden z jejich závislých
prvků. Systém nemůže nalézt uvedený soubor.

Error - 10.1.2013 12:18:23 | Computer Name = NTBLS01 | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

[ Media Center Events ]
Error - 2.2.2012 3:44:15 | Computer Name = NTBLS01 | Source = MCUpdate | ID = 0
Description = 8:44:15 - Chyba při připojování k Internetu 8:44:15 - Nelze kontaktovat
server..

Error - 2.2.2012 3:44:28 | Computer Name = NTBLS01 | Source = MCUpdate | ID = 0
Description = 8:44:20 - Chyba při připojování k Internetu 8:44:20 - Nelze kontaktovat
server..

Error - 8.2.2012 23:33:14 | Computer Name = NTBLS01 | Source = MCUpdate | ID = 0
Description = 4:33:04 - Chyba při připojování k Internetu 4:33:04 - Nelze kontaktovat
server..

Error - 13.11.2012 0:42:40 | Computer Name = NTBLS01 | Source = MCUpdate | ID = 0
Description = 5:42:40 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 10.1.2013 2:56:24 | Computer Name = NTBLS01 | Source = MCUpdate | ID = 0
Description = 7:56:15 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

[ System Events ]
Error - 16.1.2013 11:16:42 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%2

Error - 16.1.2013 11:16:44 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7034
Description = Služba HP Power Assistant Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 17.1.2013 2:54:06 | Computer Name = NTBLS01 | Source = DCOM | ID = 10010
Description =

Error - 18.1.2013 2:22:50 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7023
Description = Služba Služba HP CUE DeviceDiscovery byla ukončena s následující chybou:
%%2

Error - 18.1.2013 2:22:50 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby PC Speed Up Service bylo dosaženo časového
limitu (30000 ms).

Error - 18.1.2013 2:22:50 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7000
Description = Služba PC Speed Up Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 18.1.2013 2:23:26 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby XobniService bylo dosaženo časového
limitu (30000 ms).

Error - 18.1.2013 2:23:26 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7000
Description = Služba XobniService neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 18.1.2013 2:25:36 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7023
Description = Služba HP Network Devices Support byla ukončena s následující chybou:
%%2

Error - 18.1.2013 2:25:43 | Computer Name = NTBLS01 | Source = Service Control Manager | ID = 7034
Description = Služba HP Power Assistant Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.


< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#41 Příspěvek od Márty84 »

Omlouvam se ze pisu az ted, ale byl jsem mimo domov a tedy mimo pc.


:arrow: Najdete tento soubor C:\PhysicalMBR.bin a otestujte ho na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#42 Příspěvek od Ladislav Scholze »

Dobrý den, zde je výsledek z Jottyho Malwarw test:

Název souboru: PhysicalMBR.bin
Stav:
Test dokončen. 0 z 20 programů nalezlo škodlivý kód.
Test proveden: Út 22 led 2013 06:11:07 (CET)

a ještě z Virustotal:

SHA256: b7405a5688e4dbf0b51c70b5f53ee35e029fdd62fcc9cbdd179fd39feb9d5d26
File name: file-5043894_bin
Detection ratio: 0 / 46
Analysis date: 2013-01-22 05:13:55 UTC ( 16 minut ago )
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#43 Příspěvek od Márty84 »

:arrow: Stejnym zpusobem otestujte jeste tyto 3 soubory
C:\Users\Ladislav Scholze\Desktop\Dump_Hdd1_DR1.mbr
C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.old
C:\Users\Ladislav Scholze\Desktop\Dump_Hdd0_DR0.mbr



:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeFlashPlayerUpdateSvc
SkypeUpdate
PCSUService
MfeEpePc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files (x86)\Zrychleni Pocitace

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{431552E5-0BA3-4CE6-99AC-B3D923A03651}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=RY&apn_dtid=YYYYYYYYCZ&apn_uid=ca2e9337-69a9-4587-ac2f-8e3d795eb73d&apn_sauid=16585E77-D970-40F5-B082-65CC8150AD60&
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\SearchScopes\{F3F1F401-D438-429B-B720-B98020CB43AA}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032
[2012.12.25 07:18:52 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
O3 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\Toolbar\WebBrowser: (no name) - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No CLSID value found.
O3 - HKU\S-1-5-21-2535219242-432159718-1589159201-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\b0298e25856368497ed03e4c8c6c7474\*.tmp files -> C:\windows\SoftwareDistribution\Download\b0298e25856368497ed03e4c8c6c7474\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\deab066ce99613d184e5a249327f18e7\*.tmp files -> C:\windows\SoftwareDistribution\Download\deab066ce99613d184e5a249327f18e7\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\e3fa33a2a9cfba6be75e7186e03e98ee\*.tmp files -> C:\windows\SoftwareDistribution\Download\e3fa33a2a9cfba6be75e7186e03e98ee\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[4 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[4 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]
[2011.10.20 16:41:39 | 000,000,340 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForNTBLS01$.job
[2012.04.13 07:52:28 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.01.01 08:56:46 | 000,000,376 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForLadislav Scholze.job
[2013.01.06 10:54:25 | 000,000,968 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 10:54:25 | 000,000,972 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#44 Příspěvek od Ladislav Scholze »

Název souboru: Dump_Hdd0_DR0.mbr
Stav:
Test dokončen. 0 z 20 programů nalezlo škodlivý kód.
Test proveden: Út 22 led 2013 09:23:41 (CET)

SHA256: 076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
File name: mbrvt
Detection ratio: 1 / 46
Analysis date: 2013-01-22 02:16:29 UTC
eSafe Win32.Spyeye.Conf 20130120
( Jde o soubor Hdd1_DR1.mbr. Jotty jej nebere, píše že už jej analyzoval).

SHA256: b7405a5688e4dbf0b51c70b5f53ee35e029fdd62fcc9cbdd179fd39feb9d5d26
File name: file-5043894_bin
Detection ratio: 0 / 46
Analysis date: 2013-01-22 05:13:55 UTC
( jde o soubor Hdd0_DR0.old ).
Nahoru
Ladislav Scholze
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 06 led 2013 10:18

Re: Preventivní kontrola

#45 Příspěvek od Ladislav Scholze »

Zde je zpráva z OTL

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ladislav Scholze
->Temp folder emptied: 38872099 bytes
->Temporary Internet Files folder emptied: 8308110 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 70113230 bytes
->Google Chrome cache emptied: 393213764 bytes
->Flash cache emptied: 536 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 59983 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 4502720 bytes

Total Files Cleaned = 491,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Ladislav Scholze
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service PCSUService stopped successfully!
Service PCSUService deleted successfully!
Error: Unable to stop service MfeEpePc!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MfeEpePc deleted successfully.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\Program Files (x86)\Zrychleni Pocitace folder moved successfully.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKU\S-1-5-21-2535219242-432159718-1589159201-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Internet Explorer\SearchScopes\{431552E5-0BA3-4CE6-99AC-B3D923A03651}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{431552E5-0BA3-4CE6-99AC-B3D923A03651}\ not found.
Registry key HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F3F1F401-D438-429B-B720-B98020CB43AA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3F1F401-D438-429B-B720-B98020CB43AA}\ not found.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}\ not found.
Registry value HKEY_USERS\S-1-5-21-2535219242-432159718-1589159201-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP48D2.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EDB.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5253.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB5C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3534.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C72.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP68D0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7751.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8FC0.tmp\mscorlib.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8FC0.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCE84.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD27C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\Installer\MSI1F81.tmp deleted successfully.
C:\windows\Installer\MSIA86D.tmp deleted successfully.
C:\windows\Installer\MSIC581.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\b0298e25856368497ed03e4c8c6c7474\BIT786D.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\deab066ce99613d184e5a249327f18e7\BIT43E0.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\e3fa33a2a9cfba6be75e7186e03e98ee\BIT1B6C.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\sho4CC9.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\shoF97.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico11E7.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico21B1.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico57B3.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico6456.tmp deleted successfully.
C:\windows\twain_32\hpqgnds2.tmp deleted successfully.
File C:\windows\Tasks\HPCeeScheduleForNTBLS01$.job not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForLadislav Scholze.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01222013_094656

Files\Folders moved on Reboot...
C:\Users\Ladislav Scholze\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“