Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Preventivní kontrola

#1 Příspěvek od zdenek_s »

Dobrý den

Rád bych zkonroloval PC , kompletně jsem ho přeinstalovat , tedy alespoň část disku kde býval systém.
Nepoužíval jsem dosud antivir , chci si být jistý že začínám na čistém PC. (a co log 2 části disku (D:) který používám jako úložiště ?)

zde je LOG:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenek at 2013-12-31 00:05:23
Microsoft Windows 7 Ultimate
System drive C: has 435 GB (97%) free of 450 GB
Total RAM: 4091 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:05:26, on 31.12.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zdenek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4484 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {27C2C310-24A1-4BA0-A94D-E63335D8AE49}
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3125576463-4268054155-1718322632-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3125576463-4268054155-1718322632-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Zdenek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FDT2CVU2\RSITx64[1].exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
wmiadap.exe /F /T /R

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-12-31 08:53:03 ----D---- C:\Windows\Panther
2013-12-31 08:52:38 ----D---- C:\Windows\system32\OEM
2013-12-31 00:05:23 ----D---- C:\rsit
2013-12-31 00:05:23 ----D---- C:\Program Files\trend micro
2013-12-31 00:05:00 ----D---- C:\Users\Zdenek\AppData\Roaming\Mozilla
2013-12-31 00:04:52 ----D---- C:\ProgramData\Mozilla
2013-12-31 00:04:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 00:04:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-31 00:01:39 ----D---- C:\Users\Zdenek\AppData\Roaming\Identities
2013-12-31 00:01:25 ----SD---- C:\Users\Zdenek\AppData\Roaming\Microsoft
2013-12-31 00:01:25 ----D---- C:\Users\Zdenek\AppData\Roaming\Media Center Programs
2013-12-30 23:59:55 ----SHD---- C:\Recovery
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Šablony
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Plocha
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Oblíbené položky
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Nabídka Start
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Dokumenty
2013-12-30 23:59:55 ----SHD---- C:\ProgramData\Data aplikací
2013-12-30 23:56:37 ----D---- C:\Windows\SoftwareDistribution
2013-12-30 23:54:05 ----D---- C:\Windows\Prefetch
2013-12-30 23:53:51 ----ASH---- C:\pagefile.sys
2013-12-30 23:53:50 ----SHD---- C:\System Volume Information
2013-12-30 23:53:50 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 3 months======

2013-12-31 00:05:23 ----RD---- C:\Program Files
2013-12-31 00:04:52 ----RD---- C:\Program Files (x86)
2013-12-31 00:04:52 ----HD---- C:\ProgramData
2013-12-31 00:03:56 ----D---- C:\Windows\Microsoft.NET
2013-12-31 00:03:55 ----RSD---- C:\Windows\assembly
2013-12-31 00:02:59 ----D---- C:\Windows\system32\Tasks
2013-12-31 00:01:35 ----SHD---- C:\$Recycle.Bin
2013-12-31 00:01:24 ----RD---- C:\Users
2013-12-31 00:00:25 ----D---- C:\Windows\Temp
2013-12-31 00:00:25 ----D---- C:\Windows\Setup
2013-12-31 00:00:16 ----D---- C:\Windows\rescache
2013-12-30 23:59:56 ----SD---- C:\ProgramData\Microsoft
2013-12-30 23:59:55 ----D---- C:\Program Files\Windows NT
2013-12-30 23:59:30 ----D---- C:\Windows\debug
2013-12-30 23:59:27 ----D---- C:\Windows\system32\config
2013-12-30 23:58:38 ----D---- C:\Windows\winsxs
2013-12-30 23:57:09 ----D---- C:\Windows\system32\sysprep
2013-12-30 23:57:03 ----D---- C:\Windows
2013-12-30 23:56:35 ----D---- C:\Windows\system32\drivers
2013-12-30 23:56:20 ----D---- C:\Windows\System32
2013-12-30 23:55:11 ----D---- C:\Windows\system32\catroot2
2013-12-30 23:54:39 ----D---- C:\Windows\inf
2013-12-30 23:54:25 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#2 Příspěvek od Márty84 »

Zdravim :)

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#3 Příspěvek od zdenek_s »

OTL logfile created on: 31.12.2013 12:19:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenek\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 68,72% Memory free
7,99 Gb Paging File | 6,63 Gb Available in Paging File | 82,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 439,36 Gb Total Space | 417,60 Gb Free Space | 95,05% Space Free | Partition Type: NTFS
Drive D: | 492,06 Gb Total Space | 264,15 Gb Free Space | 53,68% Space Free | Partition Type: NTFS

Computer Name: ZDENEK-PC | User Name: Zdenek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.12.31 12:18:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdenek\Downloads\OTL.exe
PRC - [2013.12.31 00:27:33 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.12.31 00:27:33 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013.12.10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.12.05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.11.14 12:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


========== Modules (No Company Name) ==========

MOD - [2013.12.31 00:27:33 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.05 20:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.12.31 00:27:33 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.12.10 03:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.31 00:38:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.31 00:29:37 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013.12.31 00:27:34 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.12.31 00:27:34 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.12.31 00:27:34 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.31 00:27:34 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.31 00:27:34 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.12.31 00:27:34 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.14 12:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3125576463-4268054155-1718322632-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3125576463-4268054155-1718322632-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3125576463-4268054155-1718322632-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.12.31 00:27:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2013.12.31 00:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenek\AppData\Roaming\Mozilla\Extensions
[2013.12.31 00:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.12.31 00:15:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2013.12.31 00:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.12.31 00:04:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.12.31 00:27:34 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFB3E2E6-1AD4-4163-A30B-3C1552F959BC}: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.12.31 08:53:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.12.31 08:52:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2013.12.31 00:54:23 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\NVIDIA Corporation
[2013.12.31 00:54:14 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.12.31 00:54:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.12.31 00:54:13 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.12.31 00:54:13 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.12.31 00:54:12 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.12.31 00:54:12 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.12.31 00:53:53 | 001,100,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013.12.31 00:53:53 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013.12.31 00:52:18 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.12.31 00:52:18 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.12.31 00:51:51 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\NVIDIA
[2013.12.31 00:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.12.31 00:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.12.31 00:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.12.31 00:45:08 | 006,674,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.12.31 00:45:08 | 003,490,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.12.31 00:45:08 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.12.31 00:45:08 | 000,219,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.12.31 00:45:08 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.12.31 00:44:52 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.12.31 00:44:52 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.12.31 00:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.12.31 00:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.12.31 00:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.12.31 00:41:00 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Macromedia
[2013.12.31 00:41:00 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Macromedia
[2013.12.31 00:41:00 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Adobe
[2013.12.31 00:39:56 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2013.12.31 00:39:56 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013.12.31 00:39:56 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2013.12.31 00:39:56 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013.12.31 00:39:56 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013.12.31 00:39:56 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013.12.31 00:39:56 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013.12.31 00:39:56 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2013.12.31 00:39:02 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.12.31 00:39:01 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013.12.31 00:39:01 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.12.31 00:39:01 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.12.31 00:39:00 | 030,361,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.12.31 00:39:00 | 022,951,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.12.31 00:39:00 | 018,293,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.12.31 00:39:00 | 015,862,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.12.31 00:39:00 | 011,514,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.12.31 00:39:00 | 009,619,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.12.31 00:39:00 | 001,436,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.12.31 00:39:00 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.12.31 00:39:00 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.12.31 00:39:00 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.12.31 00:38:59 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.12.31 00:38:59 | 018,208,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.12.31 00:38:59 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.12.31 00:38:59 | 015,218,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.12.31 00:38:59 | 011,600,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.12.31 00:38:59 | 009,691,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.12.31 00:38:59 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.12.31 00:38:59 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.12.31 00:38:59 | 003,069,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.12.31 00:38:59 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.12.31 00:38:59 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.12.31 00:38:59 | 002,697,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.12.31 00:38:59 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433182.dll
[2013.12.31 00:38:59 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433182.dll
[2013.12.31 00:38:59 | 000,707,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.12.31 00:38:59 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.31 00:38:59 | 000,657,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.12.31 00:38:59 | 000,609,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.12.31 00:38:59 | 000,562,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.12.31 00:38:59 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.12.31 00:38:59 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.12.31 00:38:59 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.31 00:38:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.12.31 00:38:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.12.31 00:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.12.31 00:38:21 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Adobe
[2013.12.31 00:38:08 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.12.31 00:34:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013.12.31 00:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.12.31 00:34:28 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013.12.31 00:34:27 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.12.31 00:34:27 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.12.31 00:34:27 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.12.31 00:34:27 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.12.31 00:34:26 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.12.31 00:34:25 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.12.31 00:34:25 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.12.31 00:34:24 | 001,814,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.12.31 00:34:24 | 001,631,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.12.31 00:34:24 | 001,206,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.12.31 00:34:23 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.12.31 00:34:23 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.12.31 00:34:23 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.12.31 00:34:23 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.12.31 00:34:23 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.12.31 00:34:23 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.12.31 00:34:22 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.12.31 00:34:22 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013.12.31 00:34:20 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013.12.31 00:34:20 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.12.31 00:34:20 | 000,078,936 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2013.12.31 00:34:20 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll
[2013.12.31 00:34:19 | 000,607,832 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2013.12.31 00:34:19 | 000,531,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2013.12.31 00:34:19 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll
[2013.12.31 00:34:17 | 000,328,608 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.12.31 00:34:15 | 000,168,864 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.12.31 00:34:15 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.12.31 00:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.12.31 00:34:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.12.31 00:34:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013.12.31 00:34:08 | 001,247,776 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.12.31 00:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013.12.31 00:30:08 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\AVAST Software
[2013.12.31 00:27:44 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Google
[2013.12.31 00:27:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.12.31 00:27:40 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.31 00:27:38 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.12.31 00:27:38 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.12.31 00:27:37 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.12.31 00:27:36 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.12.31 00:27:35 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.12.31 00:27:34 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.31 00:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.12.31 00:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.12.31 00:26:48 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.12.31 00:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.12.31 00:23:19 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\uTorrent
[2013.12.31 00:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.12.31 00:21:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.12.31 00:17:32 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2013.12.31 00:17:32 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2013.12.31 00:17:31 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013.12.31 00:17:31 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013.12.31 00:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.12.31 00:15:42 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.12.31 00:15:42 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.12.31 00:15:42 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.12.31 00:15:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.12.31 00:14:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.12.31 00:14:29 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.12.31 00:14:29 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.12.31 00:14:29 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.12.31 00:14:23 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.12.31 00:14:23 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.12.31 00:14:23 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.12.31 00:14:17 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.12.31 00:14:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.12.31 00:12:56 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.12.31 00:11:20 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\WinRAR
[2013.12.31 00:11:20 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.12.31 00:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.12.31 00:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.12.31 00:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.31 00:05:23 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.31 00:05:00 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Mozilla
[2013.12.31 00:05:00 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Mozilla
[2013.12.31 00:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.12.31 00:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.31 00:01:48 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.12.31 00:01:48 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Searches
[2013.12.31 00:01:48 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.12.31 00:01:39 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Identities
[2013.12.31 00:01:36 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Contacts
[2013.12.31 00:01:35 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\VirtualStore
[2013.12.31 00:01:25 | 000,000,000 | --SD | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Videos
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Saved Games
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Pictures
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Music
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Links
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Favorites
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Downloads
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Documents
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\Desktop
[2013.12.31 00:01:25 | 000,000,000 | R--D | C] -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\AppData\Local\Temporary Internet Files
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Šablony
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Soubory cookie
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\SendTo
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Poslední
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Okolní tiskárny
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Okolní síť
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Documents\Obrázky
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Nabídka Start
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Local Settings
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Documents\Hudba
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\AppData\Local\History
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Documents\Filmy
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Dokumenty
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\Data aplikací
[2013.12.31 00:01:25 | 000,000,000 | -HSD | C] -- C:\Users\Zdenek\AppData\Local\Data aplikací
[2013.12.31 00:01:25 | 000,000,000 | -H-D | C] -- C:\Users\Zdenek\AppData
[2013.12.31 00:01:25 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Temp
[2013.12.31 00:01:25 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Local\Microsoft
[2013.12.31 00:01:25 | 000,000,000 | ---D | C] -- C:\Users\Zdenek\AppData\Roaming\Media Center Programs
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013.12.30 23:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2013.12.30 23:56:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.12.30 23:54:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.12.30 23:53:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========

[2013.12.31 12:22:18 | 001,575,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.31 12:22:18 | 000,665,706 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.12.31 12:22:18 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.31 12:22:18 | 000,139,402 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.12.31 12:22:18 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.31 12:21:25 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.31 12:21:25 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.31 12:20:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.31 12:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.31 12:15:53 | 3217,678,336 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.31 02:15:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.31 00:44:09 | 001,553,692 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.31 00:38:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.31 00:38:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.31 00:32:25 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2013.12.31 00:29:37 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.31 00:27:34 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.12.31 00:27:34 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.12.31 00:27:34 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.12.31 00:27:34 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.12.31 00:27:34 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.12.31 00:27:34 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.12.31 00:27:34 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.12.31 00:27:34 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.31 00:26:45 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.12.31 00:26:44 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.12.31 00:26:44 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.12.31 00:26:44 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.12.31 00:24:03 | 000,000,853 | ---- | M] () -- C:\Users\Zdenek\Desktop\µTorrent.lnk
[2013.12.31 00:04:53 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.30 23:57:50 | 000,068,220 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.12.30 23:57:50 | 000,068,220 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.12.30 23:54:15 | 000,274,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.10 03:13:11 | 000,982,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013.12.10 03:13:01 | 001,100,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013.12.05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.12.05 09:42:26 | 000,035,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.12.05 09:42:26 | 000,032,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
========== Files Created - No Company Name ==========

[2013.12.31 12:20:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.31 00:45:08 | 003,467,927 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.12.31 00:42:45 | 001,553,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.31 00:39:03 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.31 00:38:59 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.12.31 00:32:25 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013.12.31 00:27:39 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.12.31 00:27:38 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.12.31 00:24:03 | 000,000,853 | ---- | C] () -- C:\Users\Zdenek\Desktop\µTorrent.lnk
[2013.12.31 00:04:53 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.12.31 00:04:53 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.12.31 00:01:54 | 000,001,413 | ---- | C] () -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.12.31 00:01:50 | 000,001,447 | ---- | C] () -- C:\Users\Zdenek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.12.30 23:57:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.12.30 23:57:21 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.12.30 23:53:50 | 3217,678,336 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.12.31 00:30:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\AVAST Software
[2013.12.31 00:47:24 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,001,768 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.12.31 00:39:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0046bd816e918e1cd23bfc35d0bf4738\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0046bd816e918e1cd23bfc35d0bf4738\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\021a47f6c64d82f5692ec501dba91d82\*.tmp files -> C:\Windows\SoftwareDistribution\Download\021a47f6c64d82f5692ec501dba91d82\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\0342adea596c99ef18bfd5035d54d3e9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0342adea596c99ef18bfd5035d54d3e9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\042ca727227440da4873d9d5dba62f31\*.tmp files -> C:\Windows\SoftwareDistribution\Download\042ca727227440da4873d9d5dba62f31\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\04d59a5003510e3464f3d7221a17d675\*.tmp files -> C:\Windows\SoftwareDistribution\Download\04d59a5003510e3464f3d7221a17d675\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\052d66685e46be761e2962e9ce9c858c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\052d66685e46be761e2962e9ce9c858c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\05fbb475829a46b6ac5f3db9c37f86ab\*.tmp files -> C:\Windows\SoftwareDistribution\Download\05fbb475829a46b6ac5f3db9c37f86ab\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0ad334ca22963efa20822ed19c83876a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0ad334ca22963efa20822ed19c83876a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0c84742169a0e6fc9830e49da6f14881\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0c84742169a0e6fc9830e49da6f14881\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\10e53aef6b5bdde2469c00a66f17f611\*.tmp files -> C:\Windows\SoftwareDistribution\Download\10e53aef6b5bdde2469c00a66f17f611\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\12e6820eedd64890fd0b4579df24c295\*.tmp files -> C:\Windows\SoftwareDistribution\Download\12e6820eedd64890fd0b4579df24c295\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\163564e56e05550a8da7a2042391de12\*.tmp files -> C:\Windows\SoftwareDistribution\Download\163564e56e05550a8da7a2042391de12\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1db78f609291c2bd8a0a4cc4d0d49fa3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1db78f609291c2bd8a0a4cc4d0d49fa3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2167501e3204365c66ac57bff27ffb31\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2167501e3204365c66ac57bff27ffb31\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\24cd6d07fe1d702b5a7f38ebda5af65f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\24cd6d07fe1d702b5a7f38ebda5af65f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\256594a67223d62216fed56f344c66ec\*.tmp files -> C:\Windows\SoftwareDistribution\Download\256594a67223d62216fed56f344c66ec\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\257b1765baa58c28523327af8d7765fd\*.tmp files -> C:\Windows\SoftwareDistribution\Download\257b1765baa58c28523327af8d7765fd\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2bfd732c1a716b2c55b428af98e8c9da\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2bfd732c1a716b2c55b428af98e8c9da\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\2d300a3fd419672345ebd40d4acd2565\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2d300a3fd419672345ebd40d4acd2565\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2dd536446c76225c85091e91aa4027a6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2dd536446c76225c85091e91aa4027a6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2e9f90c1fc608e5b6592b4315a89bd7e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2e9f90c1fc608e5b6592b4315a89bd7e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2f00439d478ad76fc0ba49d018ea7d78\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2f00439d478ad76fc0ba49d018ea7d78\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\35c21d9bcb0c332376fc8d93c04088c9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\35c21d9bcb0c332376fc8d93c04088c9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3ae79fc198c0eccc4b97ae284fa849bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3ae79fc198c0eccc4b97ae284fa849bb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3d3d81025e02e7b37166619681b26bc7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3d3d81025e02e7b37166619681b26bc7\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\3de6f53eb60133179b82e8db1989d2a8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3de6f53eb60133179b82e8db1989d2a8\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3fb9f048b3a15699a4176d855e442f87\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3fb9f048b3a15699a4176d855e442f87\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\41891482d3acaa8ffc353a74701d8f0c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\41891482d3acaa8ffc353a74701d8f0c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\43f9d3a3ce553a3bd82cfec8ebc5fe42\*.tmp files -> C:\Windows\SoftwareDistribution\Download\43f9d3a3ce553a3bd82cfec8ebc5fe42\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\45eabe704cc5c1068c014ce816b40387\*.tmp files -> C:\Windows\SoftwareDistribution\Download\45eabe704cc5c1068c014ce816b40387\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\46364c43d212f280261ac4a7030238d9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\46364c43d212f280261ac4a7030238d9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4a3c94505d5ed5e2b3f2257fcc1a8b4a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4a3c94505d5ed5e2b3f2257fcc1a8b4a\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\4be26a326d83ee85e2a2aa1f84c239a4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4be26a326d83ee85e2a2aa1f84c239a4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4bf93eb2380ea091df65ef13a75aba3f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4bf93eb2380ea091df65ef13a75aba3f\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\4bf9df843471694e34b6c9e4af8cfd8c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4bf9df843471694e34b6c9e4af8cfd8c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4fb77267f77150068cd93c98c7ed6725\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4fb77267f77150068cd93c98c7ed6725\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\51b229c3fa405a91da392a18aa5d47ff\*.tmp files -> C:\Windows\SoftwareDistribution\Download\51b229c3fa405a91da392a18aa5d47ff\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\51b8454f957ea2e1cb759b797aed611c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\51b8454f957ea2e1cb759b797aed611c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\54d7377f352488006958c46edb8cd6e9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\54d7377f352488006958c46edb8cd6e9\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\566e2aae74f1078189cd24f419758e8e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\566e2aae74f1078189cd24f419758e8e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5960c74dfb44a70bd9a9b7e78116b734\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5960c74dfb44a70bd9a9b7e78116b734\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5ae7f50bab39adb68e48d30b5358bcab\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5ae7f50bab39adb68e48d30b5358bcab\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5b7181b3b2cead4e46dc6404a74548f1\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5b7181b3b2cead4e46dc6404a74548f1\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5f6328e4ae044e83f1e8acc2207be577\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5f6328e4ae044e83f1e8acc2207be577\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5f685afc546781b0d6c810b43e47e8a4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5f685afc546781b0d6c810b43e47e8a4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\616b3417f596ae4f3a67f4c2695c6b66\*.tmp files -> C:\Windows\SoftwareDistribution\Download\616b3417f596ae4f3a67f4c2695c6b66\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\62436a59c786a147ce2be50abb2ec760\*.tmp files -> C:\Windows\SoftwareDistribution\Download\62436a59c786a147ce2be50abb2ec760\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6254b0afb75738dfecf8aae26fe4d2a4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6254b0afb75738dfecf8aae26fe4d2a4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\62abd846a792159930c3a655e8423ae7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\62abd846a792159930c3a655e8423ae7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\64adbad529e5e191c66d74fdbd0bda2b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\64adbad529e5e191c66d74fdbd0bda2b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6584239d534c5b9de813d91ff98cf10b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6584239d534c5b9de813d91ff98cf10b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\664db1ae97b7a3678983f78252ecab85\*.tmp files -> C:\Windows\SoftwareDistribution\Download\664db1ae97b7a3678983f78252ecab85\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\66c655cbfd521c4ca69f7f4100fe219b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\66c655cbfd521c4ca69f7f4100fe219b\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\6a0f44afb333ccc3320fd72d9e20c57c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6a0f44afb333ccc3320fd72d9e20c57c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b0bdde49b5690a84b648bf988bee0bf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b0bdde49b5690a84b648bf988bee0bf\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\6c089e69f25245442c43448856f64e27\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6c089e69f25245442c43448856f64e27\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\6e17bb3b4b3d13bca64d525f50f75eab\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6e17bb3b4b3d13bca64d525f50f75eab\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\71e79ff014f223d2cda8d22e9aef98f0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\71e79ff014f223d2cda8d22e9aef98f0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\737e41c23b7b8fd0612f4adc363709af\*.tmp files -> C:\Windows\SoftwareDistribution\Download\737e41c23b7b8fd0612f4adc363709af\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\744e0b5f0af338fac0ac2e56546a57b3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\744e0b5f0af338fac0ac2e56546a57b3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\747ee5081ad54f6f5da5b26722a1f4af\*.tmp files -> C:\Windows\SoftwareDistribution\Download\747ee5081ad54f6f5da5b26722a1f4af\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7654a03b1ed5598d31de2e94eedd9fbf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7654a03b1ed5598d31de2e94eedd9fbf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7804a1f8b43282eb8b8d1f62a5419400\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7804a1f8b43282eb8b8d1f62a5419400\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7d511b22c437b255c856f85cd7c94bf8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7d511b22c437b255c856f85cd7c94bf8\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\81b05cced7830a9582907bed4c864462\*.tmp files -> C:\Windows\SoftwareDistribution\Download\81b05cced7830a9582907bed4c864462\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\821770186b2275f82265ae996d339310\*.tmp files -> C:\Windows\SoftwareDistribution\Download\821770186b2275f82265ae996d339310\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\885c37bbe91cc69d17195cb6e9de4d14\*.tmp files -> C:\Windows\SoftwareDistribution\Download\885c37bbe91cc69d17195cb6e9de4d14\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\89022a070100f44a14cc08c69201840a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\89022a070100f44a14cc08c69201840a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\89a2eb0c236d79d5682334260cbabbaf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\89a2eb0c236d79d5682334260cbabbaf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8bc6e6dab4242173d80f9a2dc0d926a7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8bc6e6dab4242173d80f9a2dc0d926a7\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\8dff913fc410d6d286e0f56ecd36878b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8dff913fc410d6d286e0f56ecd36878b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\927442c5af101cb9ff7e0098f8e55777\*.tmp files -> C:\Windows\SoftwareDistribution\Download\927442c5af101cb9ff7e0098f8e55777\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\932c29bfb6b98dc70ded67928a871195\*.tmp files -> C:\Windows\SoftwareDistribution\Download\932c29bfb6b98dc70ded67928a871195\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9af7b9da07f7666f7dfdfac9095bcd5a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9af7b9da07f7666f7dfdfac9095bcd5a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a412981cbad7898153c8ce7f0c075440\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a412981cbad7898153c8ce7f0c075440\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a51ff4bb9fdafea243340db35fa63250\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a51ff4bb9fdafea243340db35fa63250\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a6a436869cb61685873af73519af6af1\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a6a436869cb61685873af73519af6af1\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a7d328c08da9874af81f9f13c1a22e45\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a7d328c08da9874af81f9f13c1a22e45\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\a865d4a14f90d4c98678d580cf594a1a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a865d4a14f90d4c98678d580cf594a1a\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\a9887f7815e64ccd1553bb2a046c78dc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a9887f7815e64ccd1553bb2a046c78dc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aad570e66ed99476ffc34f33ccbc37c7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aad570e66ed99476ffc34f33ccbc37c7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ae733d6c242783c4f9425afab6311492\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ae733d6c242783c4f9425afab6311492\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\b24f07abf2eb6b9a4d21454a207eabd3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b24f07abf2eb6b9a4d21454a207eabd3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b331b5cc58ca0235f3454d37bcb34d86\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b331b5cc58ca0235f3454d37bcb34d86\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b38797ecc6a89041838bcb6a6380c875\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b38797ecc6a89041838bcb6a6380c875\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b6f499fd925978ee7dd3b9944fc0134e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b6f499fd925978ee7dd3b9944fc0134e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b7dc53891d2c2a9eb3326342c2894d1e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b7dc53891d2c2a9eb3326342c2894d1e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b88e27f9bdaed8d4546c658147e54556\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b88e27f9bdaed8d4546c658147e54556\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\b95cad50b6ba451d5e62abd17cefa446\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b95cad50b6ba451d5e62abd17cefa446\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bf113fb7e83bb9aff81ee89f6f722e57\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bf113fb7e83bb9aff81ee89f6f722e57\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bf9ee418da6bbd9366bf468a0ba6d667\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bf9ee418da6bbd9366bf468a0ba6d667\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c39802a9c5f9f3d39db36ed45f55f9f0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c39802a9c5f9f3d39db36ed45f55f9f0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c3a0cd88b72094ac46625c1cc9cfa43b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c3a0cd88b72094ac46625c1cc9cfa43b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6a0ede8bf584e022ba7c28c9f6b4fb8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6a0ede8bf584e022ba7c28c9f6b4fb8\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c736709f4588b90de21ce555b085f95b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c736709f4588b90de21ce555b085f95b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\cb853170c9e5f5430eb8143cdb54a56c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cb853170c9e5f5430eb8143cdb54a56c\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\cd5970c2cb418941bd224bb8de890ece\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cd5970c2cb418941bd224bb8de890ece\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ce8c612188db578e087c8d75d4b7d462\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ce8c612188db578e087c8d75d4b7d462\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d1d37700424e32d7dd4df619271c8df5\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d1d37700424e32d7dd4df619271c8df5\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d55a14789bec06b41b5bf4303a9e3241\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d55a14789bec06b41b5bf4303a9e3241\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\d5a980104adf24536551b79d7b168d60\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5a980104adf24536551b79d7b168d60\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d5fe7302ac697cc17862dbd1e4ec4ded\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5fe7302ac697cc17862dbd1e4ec4ded\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d645c162342ca0b408fdfe724d6e15b0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d645c162342ca0b408fdfe724d6e15b0\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\d6ff317798affe13d00ca44eb93c96d0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d6ff317798affe13d00ca44eb93c96d0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d70c0cfc38c005c7ba5e90cae10b6fc8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d70c0cfc38c005c7ba5e90cae10b6fc8\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\d8c68badd7342cedbe21fa7b2c7fb391\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d8c68badd7342cedbe21fa7b2c7fb391\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\dafa120431e23611322be67aaf32a1c9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dafa120431e23611322be67aaf32a1c9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\dedb0e931c1338c5e605dbd9edfadd4f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dedb0e931c1338c5e605dbd9edfadd4f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e030863d1d53835df3d8d9730f4db89a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e030863d1d53835df3d8d9730f4db89a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e120c55096939684be84e0ceada07419\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e120c55096939684be84e0ceada07419\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e432dae6d19f6530a566a006bd0ed3cd\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e432dae6d19f6530a566a006bd0ed3cd\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e69a06dab2acd66221b4b032edcd8883\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e69a06dab2acd66221b4b032edcd8883\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\e6a217e3c6117de0f80e50195bfb86de\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e6a217e3c6117de0f80e50195bfb86de\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e7e88d54d3c02ef669fe1baa5352ce24\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e7e88d54d3c02ef669fe1baa5352ce24\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\e7ef275139311ab72fe89d97818333a2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e7ef275139311ab72fe89d97818333a2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e8de596cbd323ae62d9ddd1a3e59b2d4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e8de596cbd323ae62d9ddd1a3e59b2d4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec47078f3e239352b1aa18b849ca7d0b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec47078f3e239352b1aa18b849ca7d0b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ece4dba0e091883db28d2711324ac3f7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ece4dba0e091883db28d2711324ac3f7\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\eebbca6ef08c09a8e682d9df3641d623\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eebbca6ef08c09a8e682d9df3641d623\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\eec4a6393e352ad9b957ffffb3108750\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eec4a6393e352ad9b957ffffb3108750\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\f1a859fbe05767c0ea6289cc631f1210\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1a859fbe05767c0ea6289cc631f1210\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\f302b73b0c0feb053815b7348b7d2178\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f302b73b0c0feb053815b7348b7d2178\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\f429b301db44a908762e50ecb3baac12\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f429b301db44a908762e50ecb3baac12\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f539fccc437a47dbd2590935cd4f2672\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f539fccc437a47dbd2590935cd4f2672\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f5e8bd4a529c7016d8aca70084481201\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f5e8bd4a529c7016d8aca70084481201\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\f6c00a51b9b4d9e96a68eecdb6c4c235\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f6c00a51b9b4d9e96a68eecdb6c4c235\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fb8c04f930b546cf1beac681da8584b1\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fb8c04f930b546cf1beac681da8584b1\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fe517ae3d4b39824abced35e296a918f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fe517ae3d4b39824abced35e296a918f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fe949a49f0c30491d8f81136cc3166df\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fe949a49f0c30491d8f81136cc3166df\*.tmp -> ]
[10 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.31 00:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Adobe
[2013.12.31 00:30:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\AVAST Software
[2013.12.31 12:28:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\BSplayer
[2013.12.31 12:26:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\BSplayer Pro
[2013.12.31 00:01:39 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Identities
[2013.12.31 00:41:00 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Macromedia
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Media Center Programs
[2013.12.31 00:41:00 | 000,000,000 | --SD | M] -- C:\Users\Zdenek\AppData\Roaming\Microsoft
[2013.12.31 00:05:03 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Mozilla
[2013.12.31 12:33:01 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\Origin
[2013.12.31 12:32:19 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\uTorrent
[2013.12.31 00:12:37 | 000,000,000 | ---D | M] -- C:\Users\Zdenek\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Zdenek\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.12.31 00:24:03 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zdenek\AppData\Roaming\uTorrent\uTorrent.exe
[2013.12.31 00:24:03 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zdenek\AppData\Roaming\uTorrent\updates\3.3.2_30446.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.31 00:38:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.12.31 00:38:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.12.31 00:26:44 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\java.exe
[2013.12.31 00:26:44 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaw.exe
[2013.12.31 00:26:44 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaws.exe
[2013.12.30 23:57:50 | 000,068,220 | ---- | M] () -- C:\Windows\system32\license.rtf
[2013.12.31 00:44:09 | 001,553,692 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.12.31 00:26:45 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.31 12:20:45 | 000,000,512 | ---- | M] () MD5=1AAAA1C8FD2871AD3EDD0BF7B0979245 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.11.14 12:56:55 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\331.82\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{95C2E090-E03E-40A0-86BB-9049B316CDF6}\ExtensionLoader.dll
[2013.11.14 12:56:55 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{B0B349A0-06B8-454E-809E-F5685F372C7C}\ExtensionLoader.dll
[2011.03.02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.12.31 00:38:22 | 000,000,723 | ---- | M] () -- \Users\Zdenek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I9NOY24I\downloaderror[1].js
[2013.12.31 00:38:22 | 000,001,174 | ---- | M] () -- \Users\Zdenek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1JTC4PM\downloader[1].js
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Users\Zdenek\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\10.11.15.0\GFExperience\ExtensionLoader.dll
[2011.02.05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2 \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\*.tmp files -> \Windows\SoftwareDistribution\Download\c20a9125d57fc9edbd48bd80e0026711\*.tmp -> ]
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 19:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 19:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 19:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 19:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 19:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2009.07.14 03:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 03:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009.07.14 03:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009.07.14 03:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009.07.14 03:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 19:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >
[2010.09.15 03:33:58 | 000,125,952 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
[2010.09.15 03:34:10 | 000,151,354 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\MiNODLogin.jar
[2010.09.15 03:34:02 | 000,053,248 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\MiNODLoginLib.dll
[2013.12.31 00:14:35 | 000,038,876 | ---- | M] () -- \Windows\Prefetch\MINODLOGIN 3.9.3.2.EXE-B6972A7C.pf
[2013.12.31 00:16:01 | 000,149,128 | ---- | M] () -- \Windows\Prefetch\MINODLOGIN.EXE-CA099E52.pf
[2013.12.31 00:17:10 | 000,022,872 | ---- | M] () -- \Windows\Prefetch\MINODLOGINUNINST.EXE-68D8C37F.pf
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#4 Příspěvek od zdenek_s »

< *tnod* /s >
[2013.12.31 00:16:54 | 000,030,970 | ---- | M] () -- \Windows\Prefetch\TNODUP SETUP.EXE-2DF4684F.pf
[2013.12.31 00:18:31 | 000,038,104 | ---- | M] () -- \Windows\Prefetch\TNODUP.EXE-CBACA704.pf

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.07.14 05:56:20 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:55:32 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.07.14 05:59:40 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
[2009.07.14 05:57:59 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.31 00:53:05 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.31 00:53:18 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2013.12.31 00:43:27 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.31 00:41:37 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.12.31 00:43:27 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.12.31 00:41:36 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012.10.06 21:21:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ar-sa_da88077b472a2e15.manifest
[2012.10.06 21:23:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_da-dk_624b45bba15a625c.manifest
[2012.10.06 18:58:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_de-de_6290266ba1262012.manifest
[2012.10.06 21:26:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_el-gr_8f75741bbf791474.manifest
[2012.10.06 21:21:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_es-es_8f71a269bf7ae778.manifest
[2012.10.06 21:25:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_fi-fi_bd3e9597dd22b01e.manifest
[2012.10.06 19:22:01 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_fr-fr_bce648e5dd638fa6.manifest
[2012.10.06 21:29:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_he-il_17efd446191e56a8.manifest
[2012.10.06 21:45:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_hu-hu_179e87b41958ea6a.manifest
[2012.10.06 21:43:45 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_it-it_45132e3037419298.manifest
[2012.10.06 20:09:21 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ja-jp_72963f3c55221ed5.manifest
[2012.10.06 20:08:31 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ko-kr_9ff97a4a731596ef.manifest
[2012.10.06 21:26:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_nb-no_284d6adaccd89213.manifest
[2012.10.06 21:40:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_nl-nl_2877dd82ccb73ba6.manifest
[2012.10.06 21:46:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pl-pl_834d8b370896f692.manifest
[2012.10.06 21:24:57 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pt-br_8314936b08c090ce.manifest
[2012.10.06 21:40:29 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_pt-pt_82ff0e2708d0a0d2.manifest
[2012.10.06 21:34:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_ru-ru_ddcaec3944b79106.manifest
[2012.10.06 21:49:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_sv-se_0be3c21d6224c8c3.manifest
[2012.10.06 21:49:51 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_tr-tr_38be08d38081ac1a.manifest
[2012.10.06 20:22:18 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_zh-cn_496023123409b133.manifest
[2012.10.06 20:08:05 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_zh-tw_48fef40c34527c43.manifest
[2012.10.06 22:30:46 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ar-sa_c3ba49cf60d1a80d.manifest
[2012.10.06 22:30:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_da-dk_4b7d880fbb01dc54.manifest
[2012.10.06 19:17:45 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_de-de_4bc268bfbacd9a0a.manifest
[2012.10.06 22:30:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_el-gr_78a7b66fd9208e6c.manifest
[2012.10.06 22:28:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_es-es_78a3e4bdd9226170.manifest
[2012.10.06 22:30:47 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_fi-fi_a670d7ebf6ca2a16.manifest
[2012.10.06 19:02:41 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_fr-fr_a6188b39f70b099e.manifest
[2012.10.06 22:30:53 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_he-il_0122169a32c5d0a0.manifest
[2012.10.06 23:17:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_hu-hu_00d0ca0833006462.manifest
[2012.10.06 23:13:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_it-it_2e45708450e90c90.manifest
[2012.10.06 20:14:51 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ja-jp_5bc881906ec998cd.manifest
[2012.10.06 20:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ko-kr_892bbc9e8cbd10e7.manifest
[2012.10.06 22:29:24 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_nb-no_117fad2ee6800c0b.manifest
[2012.10.06 23:21:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_nl-nl_11aa1fd6e65eb59e.manifest
[2012.10.06 23:08:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pl-pl_6c7fcd8b223e708a.manifest
[2012.10.06 22:27:40 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pt-br_6c46d5bf22680ac6.manifest
[2012.10.06 23:20:45 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_pt-pt_6c31507b22781aca.manifest
[2012.10.06 22:32:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_ru-ru_c6fd2e8d5e5f0afe.manifest
[2012.10.06 23:09:28 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_sv-se_f51604717bcc42bb.manifest
[2012.10.06 23:05:27 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_tr-tr_21f04b279a292612.manifest
[2012.10.06 20:20:02 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_zh-cn_329265664db12b2b.manifest
[2012.10.06 20:04:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_zh-tw_323136604df9f63b.manifest
[2 \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\*.tmp files -> \Windows\SoftwareDistribution\Download\8547cc4e6ec292f00de0f5c6bc2efe16\*.tmp -> ]
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.26 19:39:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.26 19:36:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:32 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2009.07.14 03:57:21 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2009.07.14 03:57:21 | 000,017,984 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc_kdcom.dll_db5e7744
[2009.07.26 19:40:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.26 19:40:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:48 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 19:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 20:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 19:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 20:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 19:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 19:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2009.07.26 19:38:37 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.06 21:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.06 19:17:26 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_en-us_8f6cbf57bf7f3b35.manifest
[2012.10.06 23:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.06 19:18:44 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_en-us_789f01abd926b52d.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 19:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 20:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 19:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 20:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#5 Příspěvek od zdenek_s »

EXTRAS

OTL Extras logfile created on: 31.12.2013 12:19:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenek\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 68,72% Memory free
7,99 Gb Paging File | 6,63 Gb Available in Paging File | 82,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 439,36 Gb Total Space | 417,60 Gb Free Space | 95,05% Space Free | Partition Type: NTFS
Drive D: | 492,06 Gb Total Space | 264,15 Gb Free Space | 53,68% Space Free | Partition Type: NTFS

Computer Name: ZDENEK-PC | User Name: Zdenek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-3125576463-4268054155-1718322632-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CDD362-9971-4B7B-BD96-974820B362DF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{06566C9E-8560-42F8-A371-3F80266FE2C9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1BCE33DC-7405-4D32-9BB7-1E6C2CE47547}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C4BA475-10AC-40B9-A4EB-36D00591DB7C}" = rport=138 | protocol=17 | dir=out | app=system |
"{2BBF5A39-79A1-48BE-97AB-4D8B21167C14}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2FCDFDF9-76AF-4292-8BDC-3F89FB062F24}" = lport=10243 | protocol=6 | dir=in | app=system |
"{31378CA6-31FE-4E95-B667-E81FE47F535D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{37E13E3E-359D-4D41-864B-1E3AB0F5DF5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{3DBE3BFB-2EF0-4308-BC28-3C12311E8495}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3FAE941A-2AE9-4FEF-8381-7449619672E6}" = rport=137 | protocol=17 | dir=out | app=system |
"{43BF5748-39BA-42FB-85B3-604AB0020C18}" = lport=138 | protocol=17 | dir=in | app=system |
"{521D16E7-6472-448F-9C53-D1185E6EC5A1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{567A6DE8-0052-4F53-8466-11F6DB772D9D}" = lport=445 | protocol=6 | dir=in | app=system |
"{68EE4A97-D536-4A16-B3FE-7AA04CEC4F3D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{71AA43B6-B7E1-4F0B-948F-89832B4D80A3}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{750DD3B0-0EB3-41DE-9F73-F7551E6B8FAA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7726F272-1E65-4723-821A-41279277849B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{86585758-2EF1-406D-9229-2DF9D85CA7C2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{92FC3730-53AF-4516-A105-6BC3D1A1BB44}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9407D074-7DE8-44EA-8E3D-2F604E25D533}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C690F26-300A-4FD4-8A77-B108BFFBB065}" = rport=445 | protocol=6 | dir=out | app=system |
"{A076E841-3876-4903-97D1-59CBB4DBA900}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A24E54E4-2E67-463E-A0E2-C38136C182CB}" = rport=139 | protocol=6 | dir=out | app=system |
"{B114164F-784D-47B6-9E6F-05CEE27C391F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B35F9088-9AF1-4503-BFB4-10E3123108C4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C2860B09-9E36-487A-AC81-68DA106BDEBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0D26877-D3F6-46C9-BAF2-ECDCC0DD4A83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E31BA6A2-2ED7-4AE5-A191-BB3906A5B59E}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E40C77AB-6898-4A3E-BBE6-9F7ACEEA5F3F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EB4A6154-FDB1-4697-91D3-5055C1351682}" = lport=139 | protocol=6 | dir=in | app=system |
"{F656B16F-5B11-4550-A36A-50919CDA8FC0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{261C6F0A-968F-48D8-ADEA-3C5283C4FC41}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3056A60E-EF7B-4FAD-86BA-5E84EDA222BD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3E1CBE83-C9C5-4BED-AEC4-8EA539E33C0A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43207C0C-5437-4FB8-B56B-DE698AB88B71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FA62D7C-872A-4247-8C9C-FBDE87DC2B4F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{50443B20-F3FB-4CF8-9448-69DDE34AB3FF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{610A77CF-A6F6-4117-81FF-3EF022CBBB06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72198B38-1033-4CAE-8B21-BE8AD6786A7B}" = protocol=6 | dir=out | app=system |
"{74D1B9CB-423F-46D9-B6D3-00C9D6554B83}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A569086-E653-43D6-9ABA-B09220F44496}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95573FF7-4C94-46B1-944F-308ADC0B9A22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFB0D0F6-3810-4F11-8DC8-BBC8CD4361F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B78D6059-291A-4087-8279-134473454F75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C1D81B0C-52CC-4EC6-A61A-FACEEDF53B49}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C9C6F106-C0C4-4DD2-966A-C9A39867821B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D2B9AE98-A12D-4064-BD30-5FA65A5B516D}" = protocol=6 | dir=in | app=c:\users\zdenek\appdata\roaming\utorrent\utorrent.exe |
"{E2FF8A2A-6372-4B4A-9021-85D61D5B0D6B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3415EEB-97FD-4F2E-A21C-E443A1EC44B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4D2D264-1422-413E-A716-A31B1604F418}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC50E857-E319-408A-88F6-B9A293E6F100}" = protocol=17 | dir=in | app=c:\users\zdenek\appdata\roaming\utorrent\utorrent.exe |
"{F25DFB23-5BFB-42F1-AC73-A18D62DDDC2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3125576463-4268054155-1718322632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30.12.2013 19:39:13 | Computer Name = Zdenek-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16385, časové
razítko: 0x4a5bc69e Název chybujícího modulu: aswWebRepIE.dll, verze: 9.0.2011.70,
časové razítko: 0x52af2632 Kód výjimky: 0xc0000005 Posun chyby: 0x00015865 ID chybujícího
procesu: 0xac4 Čas spuštění chybující aplikace: 0x01cf05b8571ca073 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ID zprávy: 962f8a81-71ab-11e3-8465-1c6f6521333d

Error - 30.12.2013 19:46:42 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.12.2013 19:46:42 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.12.2013 19:50:57 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.12.2013 19:50:57 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.12.2013 19:53:01 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.12.2013 19:53:01 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 31.12.2013 7:16:47 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 31.12.2013 7:16:47 | Computer Name = Zdenek-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 31.12.2013 7:28:37 | Computer Name = Zdenek-PC | Source = Windows Installer 3.1 | ID = 921877
Description =

[ System Events ]
Error - 30.12.2013 19:23:08 | Computer Name = Zdenek-PC | Source = Service Control Manager | ID = 7000
Description = Služba fyyzvhlj neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#6 Příspěvek od zdenek_s »

Paráda tak hned po ránu Modrá obrazovka a freeze PC :(
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#7 Příspěvek od Márty84 »

Ale ja v tom prsty nemam, to byl jen sken :)


:???: Jen se zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#8 Příspěvek od zdenek_s »

Bohužel Ultimate je jediný systém který jsem měl doma .. vlastním produktový klíč pouze k Windovs Home edition ( s kterým jsem Pc koupil) .. a jelikož jsem někde ztratil originální DVD vyřešil jsem to tímto způsobem
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#9 Příspěvek od Márty84 »

Tak si stahnete (pujcte) verzi windows, ktera tam puvodne byla, nainstalujte a pouzijte vas klic :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#10 Příspěvek od zdenek_s »

Já totiž původně předpokládal , že natomto DVD budou všechny verze .. jenže po zformátování už bylo pozdě
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#11 Příspěvek od Márty84 »

To je pech, ale neni to az takovy problem.
Márty84 píše:Tak si stahnete (pujcte) verzi windows, ktera tam puvodne byla, nainstalujte a pouzijte vas klic :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#12 Příspěvek od zdenek_s »

No dobře , jak se k tomu dostanu udělám to , přeci jenom když už ten originální software můžu mít tak proč ne .. jinak zachvíli přidám log z Malwarebytes
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#13 Příspěvek od zdenek_s »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.01.03

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Zdenek :: ZDENEK-PC [administrátor]

Ochrana: Povolena

1.1.2014 14:21:41
MBAM-log-2014-01-01 (14-47-58).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 358046
Uplynulý čas: 25 minut, 54 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 10
C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe (Riskware.KG) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenek\AppData\Local\Temp\nsn429F.tmp\DTLite.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenek\Downloads\DTLite-setup.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Windows\AutoKMS\AutoKMS.exe (Trojan.AutoKMS) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\32bit\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\64bit\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Photoshop\Patch\Crack\x64\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Photoshop\Patch\Crack\x86\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\ESET NOD32 Antivirus 4 v4.2.64.12 100 Works Licence 32bit a 64bit CZ\TNODUP a MiNODLogin + Hotfix\MiNODLogin 3.9.3.2\MiNODLogin 3.9.3.2.exe (Riskware.KG) -> Nebyla provedena žádná instrukce.
D:\EXSYSTEM\ESET NOD32 Antivirus 4 v4.2.64.12 100 Works Licence 32bit a 64bit CZ\TNODUP a MiNODLogin + Hotfix\TNODUP\TNODUP Setup.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.

(konec)
Nahoru
zdenek_s
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 30 pro 2013 23:16

Re: Preventivní kontrola

#14 Příspěvek od zdenek_s »

Z toho co vídím to našlo jen jako škodlivé různe cracky k programům , zato se velice omlouvám .. všechno to smažu ?
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola

#15 Příspěvek od Márty84 »

To jsme si asi neporozumeli :)

Dokud tam bude ten nelegalni OS, nemuzu pokracovat. A ty cracky na antivir a office (i ty dalsi) tomu taky zrovna nepomuzou.


Pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:42:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“