Prosím o kontrolu logu RSITx64

Zpráva

JiriHrabcuk · #16 Příspěvek od **JiriHrabcuk** » 20 led 2014 19:08

RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jiri [Práva správce]
Mód : Odebrat -- Datum : 01/20/2014 19:05:40
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SUPERAntiSpyware (C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SUPERAntiSpyware.exe [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-3537464858-1279074522-603390182-1001\[...]\Run : SUPERAntiSpyware (C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SUPERAntiSpyware.exe [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 4 ¤¤¤
[V1][SUSP PATH] SUPERAntiSpyware Scheduled Task 14743812-0433-48cf-9bdc-4ab10ea55497.job : C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SASTask.exe - "C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:14743812-0433-48cf-9bdc-4ab10ea55497 [7][7] -> VYMAZÁNO
[V2][SUSP PATH] Microsoft System Certificates : C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe [-] -> VYMAZÁNO
[V2][SUSP PATH] Run RoboForm Process : C:\Users\Jiri\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe [x] -> VYMAZÁNO
[V2][SUSP PATH] SUPERAntiSpyware Scheduled Task 14743812-0433-48cf-9bdc-4ab10ea55497 : C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SASTask.exe - "C:\Users\Jiri\Desktop\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpyware Pro v5.6.1020 portable\SUPERAntiSpywarePortable\App\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:14743812-0433-48cf-9bdc-4ab10ea55497 [7][7] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 license.superantispyware.com

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS723020BLA642 +++++
--- User ---
[MBR] 55089f38d46c24124dae7d5e8b763d4d
[BSP] 7ee1003c3f235d0f06c419c471b4b36c : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SanDisk SDSA5GK-016G-1006 +++++
--- User ---
[MBR] b86e42bf662f067a95d88dcd18cb5083
[BSP] 8b6df3f8fb32e08401b61515d06c0bff : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 2048 | Size: 15270 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01202014_190540.txt >>
RKreport[0]_S_01202014_183254.txt;RKreport[0]_S_01202014_190531.txt

-----------------------------------------

Mockrát děkuji, po restartu PC, to vypadá, že je vše OK !Odborné posouzení nechám na Vás.

RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jiri [Práva správce]
Mód : Kontrola -- Datum : 01/20/2014 19:44:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 license.superantispyware.com

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS723020BLA642 +++++
--- User ---
[MBR] 55089f38d46c24124dae7d5e8b763d4d
[BSP] 7ee1003c3f235d0f06c419c471b4b36c : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SanDisk SDSA5GK-016G-1006 +++++
--- User ---
[MBR] b86e42bf662f067a95d88dcd18cb5083
[BSP] 8b6df3f8fb32e08401b61515d06c0bff : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 2048 | Size: 15270 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01202014_194421.txt >>
RKreport[0]_D_01202014_190540.txt;RKreport[0]_S_01202014_183254.txt;RKreport[0]_S_01202014_190531.txt

#17 Příspěvek od **Márty84** » 21 led 2014 04:33

Zkuste znovu MBAM a MBAR

Jestli neco najdou, udelejte ten test s AVPTool

Pokud nic nenajdou, pokracujte ADWCleanerem.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

JiriHrabcuk · #18 Příspěvek od **JiriHrabcuk** » 21 led 2014 13:14

AVPTool neje spustit,zobrazí se chybová hláška s následným restartem. 2 pokus v nouzovém režimu se zdařil !

# AdwCleaner v3.017 - Report created 21/01/2014 at 08:10:52
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Jiri - ALIEN8
# Running from : C:\Users\Jiri\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\searchplugins\ask-web-search.xml
File Found : C:\WINDOWS\System32\roboot64.exe
File Found : C:\WINDOWS\System32\Tasks\AmiUpdXp
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\ProgramData\Babylon
Folder Found C:\Users\Jiri\AppData\Local\iac
Folder Found C:\Users\Jiri\AppData\Local\SwvUpdater
Folder Found C:\Users\Jiri\AppData\LocalLow\Inbox Toolbar
Folder Found C:\Users\Jiri\AppData\LocalLow\SiteRanker
Folder Found C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\VideoDownloadConverter_4z

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\prefs.js ]

Line Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=00454C72B9DA4D39&affID=124684&tsp=5017");
Line Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.prev", "Ulož.to");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.savedPrev", "true");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.prev", "Ulož.to");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.savedPrev", "true");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1389909020450");
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed", true);
Line Found : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Found : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=CE6C00A3-7AC4-4A30-A668-F12B7E822A23&n=780b60d9&ind=2014011609&p2=^HJ^xdm007^S07867^cz&si=CLXbk-bKg7wCFUVf3godiyQALQ&s[...]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7300 octets] - [21/01/2014 08:10:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7360 octets] ##########

#19 Příspěvek od **Márty84** » 21 led 2014 18:52

No ale nenapsal jste, jestli neco nasli

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

JiriHrabcuk · #20 Příspěvek od **JiriHrabcuk** » 21 led 2014 19:31

Omlouvám se, v mbam 1 nález / mbar 0 nález / AVPTool 0 nález

# AdwCleaner v3.017 - Report created 21/01/2014 at 19:18:25
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Jiri - ALIEN8
# Running from : C:\Users\Jiri\Desktop\Nová složka (2)\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Jiri\AppData\Local\iac
Folder Deleted : C:\Users\Jiri\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Jiri\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Jiri\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\VideoDownloadConverter_4z
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\searchplugins\ask-web-search.xml
File Deleted : C:\WINDOWS\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\BI
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=00454C72B9DA4D39&affID=124684&tsp=5017");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.prev", "Ulož.to");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.savedPrev", "true");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.prev", "Ulož.to");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.savedPrev", "true");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1389909020450");
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Line Deleted : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=CE6C00A3-7AC4-4A30-A668-F12B7E822A23&n=780b60d9&ind=2014011609&p2=^HJ^xdm007^S07867^cz&si=CLXbk-bKg7wCFUVf3godiyQALQ&s[...]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7500 octets] - [21/01/2014 08:10:52]
AdwCleaner[R1].txt - [7576 octets] - [21/01/2014 19:17:52]
AdwCleaner[S0].txt - [7341 octets] - [21/01/2014 19:18:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7401 octets] ##########

#21 Příspěvek od **Márty84** » 21 led 2014 20:23

JiriHrabcuk píše:v mbam 1 nález

Zase ten co predtim?

Dejte novy log z RSIT

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

JiriHrabcuk · #22 Příspěvek od **JiriHrabcuk** » 21 led 2014 21:17

RSIT: Nejde spustit, hází mi to tuto chybu: http://img24.eu/v-ekcha5p7.jpg

--------------------------

OTL logfile created on: 21. 1. 2014 22:41:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiri\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

7,94 Gb Total Physical Memory | 5,37 Gb Available Physical Memory | 67,68% Memory free
8,33 Gb Paging File | 5,88 Gb Available in Paging File | 70,62% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 925,27 Gb Total Space | 449,08 Gb Free Space | 48,53% Space Free | Partition Type: NTFS
Drive D: | 11,42 Gb Total Space | 11,28 Gb Free Space | 98,77% Space Free | Partition Type: NTFS
Drive J: | 463,78 Gb Total Space | 258,45 Gb Free Space | 55,73% Space Free | Partition Type: NTFS
Drive K: | 235,76 Gb Total Space | 113,57 Gb Free Space | 48,17% Space Free | Partition Type: NTFS
Drive L: | 224,97 Gb Total Space | 152,46 Gb Free Space | 67,77% Space Free | Partition Type: NTFS

Computer Name: ALIEN8 | User Name: Jiri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/21 20:43:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jiri\Desktop\OTL.exe
PRC - [2013/08/29 17:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/01/22 04:33:02 | 000,294,664 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2013/01/22 04:33:00 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2013/01/22 04:32:59 | 000,089,864 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/07/18 09:51:00 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 09:50:08 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 09:46:54 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/18 09:45:15 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/08 04:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/19 06:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/17 19:53:19 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/10/04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/30 05:06:52 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/30 05:06:52 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/30 05:06:52 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/30 05:06:51 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/09/19 10:12:18 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/09/11 23:14:40 | 000,390,672 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012/04/20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/03/30 13:54:10 | 000,079,664 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe -- (ExpressCache)
SRV - [2014/01/21 19:22:07 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/20 10:24:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/17 19:53:20 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/10/17 19:53:19 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/10/17 19:53:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/09/30 05:06:51 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/29 17:27:28 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/01/22 04:33:02 | 000,294,664 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2013/01/22 04:33:00 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2013/01/22 04:32:59 | 000,089,864 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/08/15 14:29:52 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/18 09:51:00 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 09:50:08 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 09:46:54 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/18 09:45:15 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/21 07:36:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\69027342.sys -- (69027342)
DRV:64bit: - [2013/11/11 03:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/09 12:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/01 12:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/31 01:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/26 02:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/30 05:06:51 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:06:50 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/30 05:06:50 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/30 04:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 04:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/05 01:46:46 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 15:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/03/25 10:46:36 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV:64bit: - [2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/09/19 10:14:51 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/09/19 05:30:08 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/18 09:46:20 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/03/30 13:54:16 | 000,095,024 | ---- | M] (Diskeeper Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\excsd.sys -- (excsd)
DRV:64bit: - [2012/03/30 13:54:16 | 000,023,344 | ---- | M] (Diskeeper Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\excfs.sys -- (excfs)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV - [2014/01/21 22:33:27 | 000,046,768 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C478B68-C25F-4FFB-9036-322B158BB625}\MpKsla3a5e9ed.sys -- (MpKsla3a5e9ed)
DRV - [2013/01/22 11:36:54 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/03/18 13:11:22] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012/09/10 10:44:43 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.downha.com/vb/members/downha1398/
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPDTDFJS
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ulož.to"
FF - prefs.js..browser.search.selectedEngine: "Ulož.to"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.14
FF - prefs.js..extensions.enabledAddons: %7B8D150B8F-EFE8-45a3-A4A3-053020F48FAC%7D:6.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}: C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\ [2013/12/22 20:21:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{845257EF-A892-484e-8EB0-47F563D75939}: C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt\ [2013/12/29 11:18:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files (x86)\SiteRanker\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2014/01/17 14:36:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}: C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\ [2013/12/22 20:21:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{845257EF-A892-484e-8EB0-47F563D75939}: C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt\ [2013/12/29 11:18:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2014/01/17 14:36:08 | 000,000,000 | ---D | M]

[2013/09/11 18:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiri\AppData\Roaming\mozilla\Extensions
[2014/01/17 14:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiri\AppData\Roaming\mozilla\Firefox\Profiles\d6a99gex.default\extensions
[2014/01/17 14:36:45 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Jiri\AppData\Roaming\mozilla\firefox\profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/12/20 10:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/20 10:24:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/17 14:36:08 | 000,000,000 | ---D | M] (Wondershare Video Converter Ultimate) -- C:\PROGRAM FILES (X86)\WONDERSHARE\VIDEO CONVERTER ULTIMATE\SVRFIREFOXEXT

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: iSkysoft Video Converter Ultimate = C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj\4.0.0_0\
CHR - Extension: Aimersoft Video Converter Ultimate = C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb\5.0.0_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/12/06 21:41:11 | 000,000,067 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 license.superantispyware.com
O2 - BHO: (Aimersoft Video Converter Ultimate) - {54F73992-6549-4369-9A0D-84FD310A464A} - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll (Aimersoft Software Co., Ltd.)
O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
O2 - BHO: (iSkysoft Video Converter Ultimate) - {C7C3BC26-4F2B-4997-A3CB-163337FE975B} - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll (iSkysoft Software Co., Ltd.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
O4 - HKLM..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe ()
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-21-3537464858-1279074522-603390182-1001..\Run: [Xvid] C:\Program Files (x86)\XviD\CheckUpdate.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11322249.lnk = File not found
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_68537660.lnk = File not found
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69027342.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.144.128.1 82.144.129.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{590D554F-F359-4963-9830-0295A82B77DA}: DhcpNameServer = 82.144.128.1 82.144.129.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD790E8A-4069-4381-BF91-DB53DBEC3218}: DhcpNameServer = 82.144.128.1 82.144.129.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\WINDOWS\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\SysWow64\ff_vfw.dll ()
Drivers32: vidc.x264 - C:\Program Files (x86)\x264vfw\x264vfw.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/01/21 21:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/21 20:43:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jiri\Desktop\OTL.exe
[2014/01/21 17:27:52 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Local\CrashDumps
[2014/01/21 16:44:00 | 000,000,000 | ---D | C] -- C:\Users\Jiri\Desktop\Nová složka (2)
[2014/01/21 08:10:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/21 08:08:15 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\11322249.sys
[2014/01/21 08:03:41 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\68537660.sys
[2014/01/21 08:00:22 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\69027342.sys
[2014/01/21 07:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/21 07:45:58 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/19 17:32:08 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\tiger-k
[2014/01/19 12:49:02 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\Malwarebytes
[2014/01/19 12:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/19 10:21:05 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/17 23:54:14 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\vlc
[2014/01/17 23:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/17 23:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/01/17 21:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD
[2014/01/17 21:29:45 | 000,504,872 | ---- | C] (Igor Pavlov) -- C:\Users\Jiri\Desktop\ytd-1.00.exe
[2014/01/17 15:22:44 | 000,000,000 | RHSD | C] -- C:\Leawo_Video_Cache
[2014/01/17 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Jiri\Documents\Wondershare Video Converter Ultimate
[2014/01/17 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\Wondershare Video Converter Ultimate
[2014/01/17 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Local\Wondershare
[2014/01/17 14:36:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
[2014/01/17 14:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2014/01/17 14:36:03 | 000,031,080 | ---- | C] (Wondershare) -- C:\WINDOWS\SysNative\drivers\VirtualAudio.sys
[2014/01/17 14:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Video Converter Ultimate
[2014/01/17 14:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2014/01/17 13:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\WonderFox Soft
[2014/01/16 14:54:45 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software
[2014/01/16 14:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sytexis Software
[2014/01/15 09:38:56 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/01/15 09:38:56 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 09:38:54 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/01/15 09:38:54 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/01/15 09:38:54 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 09:38:53 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/01/15 09:38:53 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/01/15 09:38:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/01/15 09:38:48 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/01/12 16:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeroPortable
[2014/01/08 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\mkvtoolnix
[2014/01/08 15:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVtoolnix
[2014/01/08 15:16:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVtoolnix
[2014/01/05 15:27:27 | 000,000,000 | ---D | C] -- C:\Users\Jiri\Desktop\Nová složka
[2014/01/03 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\Aimersoft Video Converter Ultimate
[2013/12/31 14:30:39 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\iSkysoft Video Converter Ultimate
[2013/12/29 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\Jiri\Documents\iSkysoft Video Converter Ultimate
[2013/12/29 11:19:00 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Local\iSkysoft
[2013/12/29 11:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iSkysoft
[2013/12/29 11:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
[2013/12/29 11:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\iSkysoft Video Converter Ultimate
[2013/12/29 11:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSkysoft
[2013/12/29 10:47:45 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\HD Video Converter
[2013/12/29 10:45:06 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\GetRightToGo
[2013/12/27 17:23:53 | 000,000,000 | ---D | C] -- C:\Users\Jiri\Desktop\Country
[2013/12/24 19:37:03 | 000,000,000 | ---D | C] -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/12/24 19:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/12/24 19:36:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013/12/24 07:36:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aimersoft
[2013/03/13 08:03:40 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Jiri\*.tmp files -> C:\Users\Jiri\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/21 22:41:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/21 22:32:13 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/21 22:04:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/21 21:26:26 | 001,934,988 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/01/21 21:26:26 | 000,800,964 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/01/21 21:26:26 | 000,786,754 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/01/21 21:26:26 | 000,183,494 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/01/21 21:26:26 | 000,161,014 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/01/21 21:13:51 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForJiri.job
[2014/01/21 21:11:27 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/21 21:11:21 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/21 21:09:50 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/21 21:09:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/21 21:09:19 | 2525,081,599 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 21:04:38 | 000,935,175 | ---- | M] () -- C:\Users\Jiri\Desktop\RSITx64.exe
[2014/01/21 20:43:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jiri\Desktop\OTL.exe
[2014/01/21 08:08:40 | 000,001,053 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11322249.lnk
[2014/01/21 08:04:00 | 000,001,053 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_68537660.lnk
[2014/01/21 08:01:04 | 000,001,053 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69027342.lnk
[2014/01/21 07:45:58 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/21 07:36:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\69027342.sys
[2014/01/21 07:36:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\68537660.sys
[2014/01/21 07:36:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\11322249.sys
[2014/01/17 23:59:52 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/17 22:26:36 | 000,000,963 | ---- | M] () -- C:\Users\Jiri\Desktop\YTD.lnk
[2014/01/17 21:29:48 | 000,504,872 | ---- | M] (Igor Pavlov) -- C:\Users\Jiri\Desktop\ytd-1.00.exe
[2014/01/17 14:36:09 | 000,001,478 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
[2014/01/16 20:17:51 | 000,001,795 | ---- | M] () -- C:\Users\Jiri\Desktop\VideoConverterUltimate.exe – zástupce.lnk
[2014/01/13 00:34:20 | 000,000,213 | ---- | M] () -- C:\Users\Jiri\.swfinfo
[2014/01/12 16:23:51 | 000,001,524 | ---- | M] () -- C:\Users\Jiri\Desktop\NeroPortable.exe – zástupce.lnk
[2014/01/11 16:40:40 | 000,005,120 | ---- | M] () -- C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/08 15:16:40 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2014/01/06 23:31:05 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/01/06 23:31:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/29 10:47:40 | 000,000,066 | ---- | M] () -- C:\WINDOWS\support.url
[2013/12/24 20:17:41 | 006,391,512 | ---- | M] () -- C:\h264-1.pass
[2013/12/24 19:36:49 | 000,001,255 | ---- | M] () -- C:\Users\Jiri\Desktop\AVS Video Converter.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Jiri\*.tmp files -> C:\Users\Jiri\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/21 22:41:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/21 21:04:35 | 000,935,175 | ---- | C] () -- C:\Users\Jiri\Desktop\RSITx64.exe
[2014/01/21 08:08:40 | 000,001,053 | ---- | C] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11322249.lnk
[2014/01/21 08:04:00 | 000,001,053 | ---- | C] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_68537660.lnk
[2014/01/21 08:01:04 | 000,001,053 | ---- | C] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69027342.lnk
[2014/01/17 23:54:06 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/17 21:30:26 | 000,000,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD.lnk
[2014/01/17 21:30:26 | 000,000,963 | ---- | C] () -- C:\Users\Jiri\Desktop\YTD.lnk
[2014/01/17 14:36:09 | 000,001,478 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
[2014/01/17 14:36:07 | 000,721,263 | ---- | C] () -- C:\WINDOWS\SysWow64\WSCM64.dll
[2014/01/17 14:36:07 | 000,214,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WSCM32.dll
[2014/01/16 20:17:51 | 000,001,795 | ---- | C] () -- C:\Users\Jiri\Desktop\VideoConverterUltimate.exe – zástupce.lnk
[2014/01/15 09:38:52 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/01/15 09:38:52 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/13 00:34:20 | 000,000,213 | ---- | C] () -- C:\Users\Jiri\.swfinfo
[2014/01/12 16:23:51 | 000,001,524 | ---- | C] () -- C:\Users\Jiri\Desktop\NeroPortable.exe – zástupce.lnk
[2014/01/08 15:16:40 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2013/12/29 11:18:49 | 000,721,917 | ---- | C] () -- C:\WINDOWS\SysWow64\ISCM64.dll
[2013/12/29 11:18:49 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\ISCM32.dll
[2013/12/29 10:47:40 | 000,000,066 | ---- | C] () -- C:\WINDOWS\support.url
[2013/12/24 19:50:32 | 006,391,512 | ---- | C] () -- C:\h264-1.pass
[2013/12/24 19:36:49 | 000,001,255 | ---- | C] () -- C:\Users\Jiri\Desktop\AVS Video Converter.lnk
[2013/12/22 20:21:50 | 000,721,917 | ---- | C] () -- C:\WINDOWS\SysWow64\AiCM64.dll
[2013/12/22 20:21:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\AiCM32.dll
[2013/10/17 18:59:44 | 001,847,990 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/09/24 11:09:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\AVEQT.dll
[2013/09/24 04:06:40 | 000,234,010 | ---- | C] () -- C:\WINDOWS\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
[2013/09/24 04:06:36 | 000,000,000 | ---- | C] () -- C:\Users\Jiri\regbcm
[2013/09/16 16:15:39 | 000,032,256 | -HS- | C] () -- C:\WINDOWS\SysWow64\AVSredirect.dll
[2013/09/15 23:07:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2013/09/15 23:07:29 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2013/09/15 23:06:10 | 000,035,365 | ---- | C] () -- C:\WINDOWS\SysWow64\uninstHelixYUV.exe
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/23 11:33:15 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2013/07/08 13:41:08 | 000,000,597 | ---- | C] () -- C:\Users\Jiri\AppData\Roaming\AutoGK.ini
[2013/04/05 18:47:57 | 000,074,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2013/03/18 14:33:51 | 000,005,120 | ---- | C] () -- C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/08 22:57:27 | 000,007,606 | ---- | C] () -- C:\Users\Jiri\AppData\Local\Resmon.ResmonCfg
[2013/03/01 10:57:16 | 000,000,184 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2012/07/25 21:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 21:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 21:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
[2012/04/20 14:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013/10/17 19:25:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/05 21:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/17 19:05:08 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/10/17 19:05:08 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/07/30 17:41:29 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\4Media
[2014/01/03 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Aimersoft Video Converter Ultimate
[2013/04/25 14:23:01 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Ashampoo
[2014/01/16 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\avidemux
[2013/12/03 13:39:53 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\dcunningham.net
[2013/07/22 13:24:49 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\FameRing
[2013/12/01 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Fighters
[2013/12/29 10:47:07 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\GetRightToGo
[2013/12/29 10:49:06 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\HD Video Converter
[2013/09/08 21:16:08 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\HellShare Upload Manager
[2013/02/28 22:06:28 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\IDT
[2013/12/31 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\iSkysoft Video Converter Ultimate
[2014/01/17 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Leawo
[2014/01/08 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\mkvtoolnix
[2014/01/19 17:32:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\tiger-k
[2014/01/14 00:47:27 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Ulozto File Manager
[2014/01/09 16:37:55 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\uTorrent
[2014/01/21 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
[2013/03/01 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\WebApp
[2014/01/17 14:40:48 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Wondershare Video Converter Ultimate

========== Purity Check ==========

JiriHrabcuk · #23 Příspěvek od **JiriHrabcuk** » 21 led 2014 23:05

========== Custom Scans ==========

< >
[2013/02/28 18:18:39 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/09/21 09:18:10 | 000,000,342 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForJiri.job
[2013/10/13 23:22:01 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013/10/13 23:22:02 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1d5376df88365b19\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013/08/22 12:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\WINDOWS\SysNative\autochk.exe
[2013/08/22 12:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2013/08/22 05:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\SysWOW64\autochk.exe
[2013/08/22 05:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/08/22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2012/01/31 13:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files (x86)\CyberLink\PowerDirector10\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2013/10/22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013/10/22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/11/18 11:55:44 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013/10/22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013/10/22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013/11/18 12:32:21 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe

< MD5 for: HAL.DLL >
[2013/09/30 05:06:51 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=7DEA8CDADD23BBFFC8C47EFE6AF11328 -- C:\WINDOWS\SysNative\hal.dll
[2013/09/30 05:06:51 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=7DEA8CDADD23BBFFC8C47EFE6AF11328 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1d5376df88365b19\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/08/22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013/08/22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2013/11/18 11:56:07 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2013/09/30 05:06:51 | 001,119,576 | ---- | M] (Microsoft Corporation) MD5=AD9086052A5E5153AF43FE74138A4B27 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2013/09/30 05:06:51 | 001,119,576 | ---- | M] (Microsoft Corporation) MD5=AD9086052A5E5153AF43FE74138A4B27 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys

< MD5 for: NETLOGON.DLL >
[2013/08/22 03:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=CEBE4E2D2C6F3D6E87201C21B877929C -- C:\Windows\SysWOW64\netlogon.dll
[2013/08/22 03:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=CEBE4E2D2C6F3D6E87201C21B877929C -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=E01B8CE6646E055D2B806AE4DD5A1202 -- C:\WINDOWS\SysNative\netlogon.dll
[2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=E01B8CE6646E055D2B806AE4DD5A1202 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013/08/22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013/08/22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2013/08/22 14:25:40 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=89B91AEEE4C0C5D3708C0F177C97B630 -- C:\WINDOWS\SysNative\smss.exe
[2013/08/22 14:25:40 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=89B91AEEE4C0C5D3708C0F177C97B630 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2013/10/08 11:13:33 | 002,551,640 | ---- | M] (Microsoft Corporation) MD5=6617F44D2432C529B2249A0498B6B40A -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2013/10/08 11:13:33 | 002,551,640 | ---- | M] (Microsoft Corporation) MD5=6617F44D2432C529B2249A0498B6B40A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2013/11/18 12:29:54 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013/08/22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 06:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 14:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/07/30 17:41:29 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\4Media
[2013/03/09 21:44:49 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Adobe
[2014/01/03 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Aimersoft Video Converter Ultimate
[2013/06/03 21:48:30 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Apple Computer
[2013/04/25 14:23:01 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Ashampoo
[2014/01/16 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\avidemux
[2013/04/16 17:17:09 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\AVS4YOU
[2013/03/17 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\CyberLink
[2013/12/03 13:39:53 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\dcunningham.net
[2013/07/22 13:24:49 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\FameRing
[2013/12/01 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Fighters
[2013/12/29 10:47:07 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\GetRightToGo
[2013/12/29 10:49:06 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\HD Video Converter
[2013/09/08 21:16:08 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\HellShare Upload Manager
[2013/03/03 16:05:47 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Hewlett-Packard
[2013/10/17 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Identities
[2013/02/28 22:06:28 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\IDT
[2013/12/31 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\iSkysoft Video Converter Ultimate
[2014/01/17 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Leawo
[2013/02/28 18:18:47 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Macromedia
[2014/01/19 12:49:02 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Malwarebytes
[2014/01/21 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Media Player Classic
[2013/11/06 15:14:54 | 000,000,000 | --SD | M] -- C:\Users\Jiri\AppData\Roaming\Microsoft
[2014/01/08 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\mkvtoolnix
[2013/09/11 18:15:30 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Mozilla
[2013/03/02 23:15:55 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\NVIDIA
[2014/01/18 17:04:09 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Skype
[2014/01/19 17:32:44 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\tiger-k
[2014/01/14 00:47:27 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Ulozto File Manager
[2014/01/09 16:37:55 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\uTorrent
[2014/01/21 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
[2014/01/18 07:40:33 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\vlc
[2013/03/01 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\WebApp
[2013/02/28 17:39:39 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\WinRAR
[2014/01/17 14:40:48 | 000,000,000 | ---D | M] -- C:\Users\Jiri\AppData\Roaming\Wondershare Video Converter Ultimate

< %APPDATA%\*.exe /s >
[2013/07/19 09:43:30 | 017,986,273 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\FameRing\Smart Cutter\smart.exe
[2013/07/22 13:12:52 | 000,010,134 | R--- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Installer\{9A9CEF47-6227-4D03-A3E0-55C2B64F61DE}\ARPPRODUCTICON.exe
[2013/07/22 13:12:52 | 000,009,662 | R--- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Installer\{9A9CEF47-6227-4D03-A3E0-55C2B64F61DE}\NewShortcut11_9A9CEF4762274D03A3E055C2B64F61DE.exe
[2013/07/22 13:12:52 | 000,009,662 | R--- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Installer\{9A9CEF47-6227-4D03-A3E0-55C2B64F61DE}\NewShortcut1_9A9CEF4762274D03A3E055C2B64F61DE.exe
[2013/07/22 13:24:45 | 000,009,662 | R--- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Installer\{D497065F-7E29-401E-892A-ADA4CE1EA2F7}\smart.exe
[2013/07/22 13:24:45 | 000,014,534 | R--- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\Installer\{D497065F-7E29-401E-892A-ADA4CE1EA2F7}\SystemFoldermsiexec.exe
[2014/01/20 17:16:07 | 000,640,972 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\SearchIndexer.exe
[2014/01/20 17:16:10 | 000,418,041 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssl.exe
[2014/01/06 10:40:44 | 000,319,527 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe
[2013/05/03 12:07:29 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jiri\AppData\Roaming\uTorrent\uTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/01/21 21:13:18 | 000,000,052 | ---- | M] () -- C:\WINDOWS\system32\DOErrors.log
[2014/01/21 21:11:28 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Xvid" = C:\Program Files (x86)\XviD\CheckUpdate.exe -- [2011/01/17 20:41:43 | 000,008,192 | ---- | M] ()

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/21 22:41:52 | 000,000,512 | ---- | M] () MD5=55089F38D46C24124DAE7D5E8B763D4D -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013/05/03 09:05:40 | 000,059,062 | ---- | M] () -- \Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\chrome\AMVideoConvertDownloader.jar
[2013/04/23 15:09:04 | 002,070,888 | ---- | M] () -- \Program Files (x86)\Ashampoo\Ashampoo Photo Commander 11\portaluploader.dll
[2013/04/23 15:09:04 | 002,809,704 | ---- | M] () -- \Program Files (x86)\Ashampoo\Ashampoo Photo Commander 11\portaluploader2.dll
[2013/01/15 15:13:12 | 002,070,864 | ---- | M] () -- \Program Files (x86)\Ashampoo\Ashampoo Snap 6\portaluploader.dll
[2013/01/15 15:13:12 | 003,071,824 | ---- | M] () -- \Program Files (x86)\Ashampoo\Ashampoo Snap 6\portaluploader2.dll
[2013/05/30 13:48:02 | 004,372,840 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2013/05/30 13:44:14 | 000,095,971 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2013/07/09 18:08:34 | 004,496,744 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
[2013/05/29 17:34:00 | 000,046,165 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.sil
[2013/05/09 00:43:22 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/05/09 00:43:22 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/16 06:06:24 | 000,127,464 | ---- | M] () -- \Program Files (x86)\CyberLink\Media Suite\koan\pyloader.dll
[2012/07/09 02:11:22 | 002,475,832 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012/07/09 07:40:48 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2012/07/09 02:11:40 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2012/07/09 02:11:43 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2012/07/09 07:40:12 | 000,161,296 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2012/07/09 02:11:44 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2010/12/24 07:00:58 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderC3S.dll
[2010/12/24 07:00:58 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2012/07/03 13:02:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\3DPhotoPlayer\Koan\pyloader.dll
[2011/05/05 16:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/05 16:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/05 16:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2012/12/28 09:25:22 | 000,000,034 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\ComLoader.ini
[2013/01/22 04:35:06 | 000,126,728 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\pyloader.dll
[2012/06/13 08:41:28 | 000,018,123 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\MediaEspresso\subsys\DataCenter\ImageLoader.kc
[2012/11/28 04:04:01 | 000,028,102 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2013/01/22 04:40:00 | 000,122,632 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2012/09/07 07:38:48 | 000,012,088 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2012/06/04 09:04:24 | 000,012,020 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2012/12/28 09:24:43 | 000,022,781 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\DataCenter\ImageLoader.kc
[2012/12/28 09:24:44 | 000,007,947 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\NetService\netThumbLoader.kc
[2012/12/28 09:24:45 | 000,001,566 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\Video\D3D9Loader.kc
[2012/04/09 19:20:34 | 002,533,160 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2013/05/14 09:19:24 | 000,063,173 | ---- | M] () -- \Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt\chrome\ISVideoConvertDownloader.jar
[2012/05/03 19:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/03 19:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 05:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 05:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013/12/19 17:01:16 | 000,057,365 | ---- | M] () -- \Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\chrome\wsVideoConvertDownloader.jar
[2013/08/29 10:05:32 | 000,046,080 | ---- | M] () -- \Program Files\Avidemux 2.6 - 64bits\libADM_coreImageLoader6.dll
[2013/05/09 00:43:22 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013/05/09 00:43:22 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/03/06 07:42:29 | 003,325,704 | ---- | M] () -- \Program Files\CyberLink\Shared files\PlugIn\9.0\CES_3DLoaderFBX.dll
[2013/09/30 05:00:08 | 000,000,930 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013/09/30 04:58:35 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/09/30 04:58:35 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/09/30 04:58:35 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/09/30 05:00:17 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/12/18 08:01:32 | 000,054,211 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.338.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2009/12/12 15:11:16 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/12/17 21:24:46 | 000,001,029 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Multiupload\Multiupload Batch Uploader.lnk
[2012/12/04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/10/09 17:07:12 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/10/09 17:07:12 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2012/12/04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/04/09 19:20:34 | 002,533,160 | ---- | M] () -- \SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.1.1925\src\ShareFiles\Share_x86\Plugin\8.0\CES_3DLoaderFBX.dll
[2013/12/17 21:24:46 | 000,001,029 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Multiupload\Multiupload Batch Uploader.lnk
[2012/12/04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/10/09 17:07:12 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/10/09 17:07:12 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2012/12/04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/10 18:40:07 | 000,005,953 | ---- | M] () -- \Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj\4.0.0_0\wsYoutubeDownloader.js
[2014/01/10 18:40:07 | 000,005,953 | ---- | M] () -- \Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb\5.0.0_0\wsYoutubeDownloader.js
[2014/01/21 19:21:45 | 000,001,174 | ---- | M] () -- \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9WWQC4Y1\downloader[1].js
[2014/01/21 19:21:45 | 000,000,723 | ---- | M] () -- \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\downloaderror[1].js
[2014/01/21 07:37:44 | 000,172,224 | ---- | M] () -- \Users\Jiri\AppData\Local\Temp\2540157\prloader.dll
[1 \Users\Jiri\AppData\Local\Temp\2540157\*.tmp files -> \Users\Jiri\AppData\Local\Temp\2540157\*.tmp -> ]
[2014/01/21 07:37:44 | 000,172,224 | ---- | M] () -- \Users\Jiri\AppData\Local\Temp\6434771\prloader.dll
[1 \Users\Jiri\AppData\Local\Temp\6434771\*.tmp files -> \Users\Jiri\AppData\Local\Temp\6434771\*.tmp -> ]
[2014/01/21 07:37:44 | 000,172,224 | ---- | M] () -- \Users\Jiri\AppData\Local\Temp\8619684\prloader.dll
[1 \Users\Jiri\AppData\Local\Temp\8619684\*.tmp files -> \Users\Jiri\AppData\Local\Temp\8619684\*.tmp -> ]
[2013/12/17 21:24:46 | 000,001,035 | ---- | M] () -- \Users\Jiri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Multiupload Batch Uploader.lnk
[2013/12/17 21:24:46 | 000,001,011 | ---- | M] () -- \Users\Jiri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Multiupload Batch Uploader.lnk
[2013/12/24 19:36:59 | 000,001,430 | ---- | M] () -- \Users\Jiri\AppData\Roaming\Microsoft\Windows\SendTo\AVS Mobile Uploader.lnk
[2013/12/24 19:37:02 | 000,001,418 | ---- | M] () -- \Users\Jiri\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Uploader.lnk
[2013/12/17 21:24:46 | 000,001,011 | ---- | M] () -- \Users\Public\Desktop\Multiupload Batch Uploader.lnk
[2013/10/19 06:42:49 | 000,017,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\86595041cdd4a8de0981e371e374962c\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2013/10/19 06:42:49 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\86595041cdd4a8de0981e371e374962c\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2012/10/01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012/10/01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012/10/01 20:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012/10/01 20:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/10/17 19:02:42 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.CLRLoader.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 15:52:34 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2013/08/22 15:52:33 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2013/08/22 12:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 14:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 12:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 12:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 12:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 12:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 12:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 12:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2013/09/30 04:56:11 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2013/10/24 06:56:56 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winload.efi.mui_35ee487d
[2013/10/24 06:56:57 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winload.exe.mui_3bc5b827
[2013/10/24 06:56:57 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winresume.efi.mui_f412814e
[2013/10/24 06:56:57 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winresume.exe.mui_ff8b5358
[2013/12/23 09:24:03 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2013/12/23 10:00:21 | 000,716,508 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winload.efi_75834aa0
[2013/12/23 10:00:22 | 000,653,334 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winload.exe_75835076
[2013/12/23 10:00:23 | 000,640,528 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winresume.efi_85cd069f
[2013/12/23 10:00:24 | 000,581,014 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winresume.exe_85cd1215
[2013/08/22 16:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/09/30 04:55:13 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2013/08/22 16:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/09/30 05:06:25 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/09/30 05:08:41 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013/12/14 23:26:54 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2013/08/22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013/03/01 10:57:16 | 000,000,184 | ---- | M] () -- \Windows\AutoKMS.ini
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *activator* /s >
[2012/12/28 09:24:43 | 000,004,878 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\Activator\Activator.kc
[2012/12/28 09:24:43 | 000,003,886 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\Activator\PyActivator.kc
[2013/01/22 04:33:12 | 000,130,824 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD12\subsys\Activator\_PyActivator.pyd

< *serial* /s >
[2013/09/13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/09 06:16:57 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/09/13 05:01:52 | 000,167,528 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2013/09/13 05:01:52 | 000,210,024 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2013/09/13 01:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/09 06:17:13 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2013/10/17 19:53:18 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/10/17 19:53:19 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/17 19:53:19 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2013/10/17 19:53:19 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/19 07:16:22 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ca0910c91809d131de87b408f0124a71\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/10/17 20:10:01 | 002,804,736 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d5ec652ee752e275276098614a3b07a6\System.Runtime.Serialization.ni.dll
[2013/10/17 20:10:01 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d5ec652ee752e275276098614a3b07a6\System.Runtime.Serialization.ni.dll.aux
[2013/10/17 21:19:58 | 003,530,752 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\95c6994932d6f4c53a879752918675b5\System.Runtime.Serialization.ni.dll
[2013/10/17 21:19:58 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\95c6994932d6f4c53a879752918675b5\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 16:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2012/10/01 20:36:32 | 000,166,864 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2012/10/01 20:36:32 | 000,209,360 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2013/09/30 04:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/30 04:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/10/17 19:53:20 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 01:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 04:55:53 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 04:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/17 01:06:27 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/10/17 19:53:19 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 01:41:27 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/30 04:55:52 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 04:55:53 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/22 21:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 20:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 07:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2013/08/22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 21:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 13:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/09/30 04:55:44 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/09/30 04:55:39 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/10/17 19:00:24 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013/08/22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013/08/22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/09/30 04:55:44 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/09/30 04:55:39 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 07:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/09/30 04:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2013/08/22 12:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2013/10/17 19:53:19 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/09/30 04:55:39 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 12:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013/09/30 04:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2013/08/10 01:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 01:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/09/30 04:55:52 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 01:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:41:27 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2013/08/10 01:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 01:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2013/08/17 01:06:27 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/17 19:53:19 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2013/10/17 19:53:18 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2013/09/30 04:54:42 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/09/30 04:54:54 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 16:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 14:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 16:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 16:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 16:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 16:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2013/08/22 16:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 16:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 16:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2013/08/22 16:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2013/08/22 16:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 16:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 16:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2013/09/30 04:55:21 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2013/09/30 04:55:20 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2013/08/22 16:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 16:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2013/08/22 16:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2013/08/22 16:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 16:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 16:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2013/08/10 01:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/30 04:55:53 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 01:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 01:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2013/10/17 19:53:20 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2013/09/30 04:55:53 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2013/10/17 19:53:19 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/08/10 01:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2013/08/10 01:55:16 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2013/10/17 19:53:19 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2013/08/10 01:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 01:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/30 04:55:44 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 04:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 992 bytes -> C:\Users\Jiri\AppData\Local\CJKqCoadJvTn:UO6c15vRk2HuKDYdlxkae
@Alternate Data Stream - 286 bytes -> C:\ProgramData\TEMP:3440EB47
@Alternate Data Stream - 199 bytes -> C:\Users\Jiri\SkyDrive:ms-properties
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0888F409
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:66633281

< End of report >

JiriHrabcuk · #24 Příspěvek od **JiriHrabcuk** » 21 led 2014 23:06

OTL Extras logfile created on: 21. 1. 2014 22:41:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiri\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

7,94 Gb Total Physical Memory | 5,37 Gb Available Physical Memory | 67,68% Memory free
8,33 Gb Paging File | 5,88 Gb Available in Paging File | 70,62% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 925,27 Gb Total Space | 449,08 Gb Free Space | 48,53% Space Free | Partition Type: NTFS
Drive D: | 11,42 Gb Total Space | 11,28 Gb Free Space | 98,77% Space Free | Partition Type: NTFS
Drive J: | 463,78 Gb Total Space | 258,45 Gb Free Space | 55,73% Space Free | Partition Type: NTFS
Drive K: | 235,76 Gb Total Space | 113,57 Gb Free Space | 48,17% Space Free | Partition Type: NTFS
Drive L: | 224,97 Gb Total Space | 152,46 Gb Free Space | 67,77% Space Free | Partition Type: NTFS

Computer Name: ALIEN8 | User Name: Jiri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2792CBEE-E5BB-47A7-A930-8391C1622092}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2935B195-2F4F-434A-AA90-B4461EAF29E9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{510BD001-2E76-4B50-84EF-1C36A9305F25}" = lport=2869 | protocol=6 | dir=in | app=system |
"{573E3C06-007B-4614-A261-F1B37FA86CBE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{785289D9-357F-4E3D-B927-B8E08ACEBA47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8798F661-4CC2-4F9F-8CC7-43312B1AF507}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90EA0B63-4B0D-4E19-8443-44D3AEC68814}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB042444-D288-4F88-895B-A60EFD872722}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B0222C7D-E139-4DC4-98D1-F7BDBBED6390}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA24EDF4-D2BA-4F69-B25E-21EAEBC232B4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CF8FB2C5-411F-4E11-8DC2-C8FECD72333E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{EA830441-5442-4AFF-9C04-6AA7ECA31FB7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0040ADB3-E8AC-4773-9CA5-66E82D0A5CE0}" = dir=out | name=windows_ie_ac_001 |
"{02A3E85D-FED8-4485-B7AF-B75D45ACA9B0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BB2CA7B-6A68-4F6E-B728-2822241EB61C}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{0BCB1BCE-AC30-4155-8E55-72FB1D8EE65C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{125DC8D8-D954-4EA5-B9B6-832B4F9A6ED1}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{14C010DD-9286-445E-ABAA-CCEA6A81A84F}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1ABC7A6D-DCD4-45BC-B44D-E459EFEBBC55}" = protocol=6 | dir=in | app=c:\users\jiri\appdata\roaming\utorrent\utorrent.exe |
"{20E766E5-1B93-4A72-B4A0-31FD397544D2}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{24FD6DC4-4959-46B6-ABA1-72BB934ECBFB}" = dir=out | name=sonicwall mobile connect |
"{28255382-5AB7-4EFE-89CC-C90976B1ABAE}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2E9022CF-84DF-4A46-82C5-EAB6C5579E2E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{30B14B58-5EB2-4104-9400-BF8D9995AEA8}" = dir=out | name=windows_ie_ac_001 |
"{3458627B-2C99-4B5B-B690-DBD70AE33E28}" = dir=out | name=juniper networks junos pulse |
"{36678127-9A31-487E-BC58-5383834AB393}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37FAA6B8-5832-40B9-B6F3-D7AD0C2420EC}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{39A5821E-F92F-4A83-B35E-E3F7F7A399DC}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{3A3ADB26-38C1-4ABE-948C-F6BD76023C0F}" = dir=out | name=f5 vpn |
"{3A42DEA0-A2DC-4D80-80B0-CB15CC7ACF37}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3E31BBAD-0D3A-4B5A-91E4-ACE25C4B17FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4C150178-0603-4481-95CD-22928CBC3673}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{4EA918A2-814B-4C02-AE69-6D7B89D91D78}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{505835D1-5388-454F-A474-C9135CB7B64E}" = dir=in | name=sonicwall mobile connect |
"{50D4B967-3622-4822-9A06-4C8B1087F2D0}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{5587FEAE-1F3E-4B97-9F50-FD969F2B3DD8}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56ED1E19-F382-4D19-B2CC-7E5081F942BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{5D37B301-52EE-46DB-889B-242DF7A1EAF1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6169FF91-BA8D-4F20-AB04-E9A9DE14C202}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{61CBBE73-DC83-4B6C-B2C4-98D9207F8369}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{62B53D97-6F38-47D1-947F-44F2380D6562}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{66AA68B1-BC3E-40BC-B86D-5A626AD5D206}" = protocol=6 | dir=out | app=system |
"{66F5F83D-F7F0-4D8D-B651-CCE5FC294CB7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{6B027B76-95B0-419D-82FF-C57F3B3F2D04}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6F4697C4-BA25-4957-A76C-F33CCC8D7FB8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{709FB75E-C712-45A1-B234-DCC45667998F}" = dir=in | name=check point vpn |
"{72B69ECD-C1B5-4BF2-A189-AFF3A61C0B40}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{73B67456-ED07-4935-807D-D221C07DF18A}" = dir=out | name=@{12199asparion.asparionclock_3.2.1.46_neutral__f89vgcf3qm37t?ms-resource://12199asparion.asparionclock/resources/sstorename} |
"{74E63C2B-2C44-4F3F-9768-5DDF91B2A136}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{79214BB6-3D43-4E6C-B081-582FC409AE26}" = dir=out | name=kindle |
"{7BD63CF1-6702-4855-9E65-CCD25AD1A1DE}" = dir=in | name=f5 vpn |
"{7DB4C22B-D77B-4A99-9D05-C6E728710868}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8337A1FD-4957-4580-A350-C90A1DBBDB22}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{8A285931-C587-4507-B2A5-9FB360EC067F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A37D2B1-9531-47BC-9EF8-2C239D2FB00B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{8CFD7615-69B0-43BA-8C7C-2B475B4CE506}" = dir=in | name=juniper networks junos pulse |
"{8E1C7EE9-AFDA-4020-B3F8-5DE00A71DAB0}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{8EBF50E4-7B78-4F10-A429-E3588C92A4F2}" = dir=out | name=hp registration |
"{8F49A9C0-D6AC-4F42-B9FA-6765DCA54197}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{94A141BF-A1BE-4AA0-B049-DD484FDE3D33}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{9A65492F-5DC9-4D2F-8F48-ADDCE75BB92F}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9C0F4A13-B37E-4775-90F4-0598B2E42DF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D6E446F-BADC-4EC3-8545-011024B43B2D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A5E7E8BA-F162-42D9-B2FD-EA78506C3130}" = dir=out | name=getting started with windows 8 |
"{ADDB1F22-E32E-4A07-A351-8CBD893CE481}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B4CEA252-607D-468E-B25D-99E8A43EA2B9}" = dir=out | name=skype |
"{B99C89C5-1A93-48E6-9CBE-D4D4A352E43C}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B9D9F0AC-87CE-48FF-B13F-223FAA1161D4}" = dir=in | name=skype |
"{BFE0EFF0-DA64-4238-8BFF-0B1C6383C02D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C1569F1B-57B6-45DD-B86C-4E863FD8728B}" = dir=out | name=windows_ie_ac_001 |
"{C4B46E78-92AE-43A4-932E-030D0BEC172A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C626C9EC-E0BE-4AA3-BE6A-C629C2B378A3}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C7B545EE-C88F-4D6F-9F7D-5268836D57D2}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{CAADCAA0-81CC-44F5-AB76-38D7375DF860}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CB79AFE2-9B7F-4112-989C-E4F1829E234A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D70779A6-A487-4E2D-B371-FD60639CB1CC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D8E72528-FC5B-4F1F-B337-862A0B60770C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DD6A454A-ACF1-486E-B9E8-55BE89AF252A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E054FF2B-C549-4A93-8771-AE5F929A1550}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E3BDA215-B71A-42B2-A5EE-2CC5FFBA3D31}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{E445E6C8-CA22-4B76-A9C6-E7B1B3FD0E26}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E624B80D-07DB-495C-8E6F-9FA33717CAE4}" = protocol=17 | dir=in | app=c:\users\jiri\appdata\roaming\utorrent\utorrent.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8851C37-5AB6-49EA-9F3C-F8B648489C31}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{EA73260C-3A14-4E96-BB70-9B6F91C6C10A}" = dir=out | name=check point vpn |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE77263A-59D9-4AB9-A8E1-6586DC8FD5E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F21B1398-2DA7-4C0F-8EFB-87EE914BECCC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{F32F1B89-8AC8-4AA5-BA4C-71E414C5FCD8}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F85D996A-FC8A-461B-A1EC-0A266CC2D7EC}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{FCB7EF4D-131B-49C0-8A50-5BDB6061C0A8}" = dir=out | name=norton studio |
"TCP Query User{84647F18-6347-4445-A938-0251958C7940}C:\program files (x86)\leawo\total media converter ultimate\loadingscreen.exe" = protocol=6 | dir=in | app=c:\program files (x86)\leawo\total media converter ultimate\loadingscreen.exe |
"TCP Query User{A726DA43-44F5-4E9E-84DF-DA48CE363063}C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe |
"TCP Query User{ED6B9A66-5CB5-41FC-9822-CA7E74EDFEEB}C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe |
"UDP Query User{767BFF31-F2BD-4202-836C-2013C66A6911}C:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iskysoft\video converter ultimate\urlreqservice.exe |
"UDP Query User{A589DF15-F3CC-4A59-B69D-2364F00E856C}C:\program files (x86)\leawo\total media converter ultimate\loadingscreen.exe" = protocol=17 | dir=in | app=c:\program files (x86)\leawo\total media converter ultimate\loadingscreen.exe |
"UDP Query User{DC0C14A9-9EFC-4791-8572-850C67476363}C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{12DA3057-6836-4C8B-A44D-A447474E302B}" = O&O SafeErase Professional
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2599B6F1-92AC-472C-BE60-9F17565E4938}" = PowerDirector
"{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}" = ExpressCache
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{551F492A-01B0-4DC4-866F-875EC4EDC0A8}" = CyberLink PowerDirector 11
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{F17E4000-ED91-11E2-B3BD-F04DA23A5C58}" = MSVCRT Redists
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"MediaInfo" = MediaInfo 0.7.64
"NewBlue Art Effects for PowerDirector" = Newblue Art Effects for PowerDirector
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A11EA01-0F9C-8526-5DF1-0A2FD0FB33D9}_is1" = Ashampoo Photo Commander 11 v.11.0.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C97EEE1-8B5F-412c-BF85-201CD6AEAB60}_is1" = 4Videosoft HD Converter 5.0.28
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{793FCE60-DE5E-4977-A942-A7B69A45B17D}" = MainConcept DTV Decoder Pro
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7DD81976-3E78-4e3c-B65C-FB7226879E1B}_is1" = 4Videosoft MP4 Converter 5.0.28
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9CEF47-6227-4D03-A3E0-55C2B64F61DE}" = Smart Cutter for DV and DVB
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEC9DE4-67F5-42A6-8FEA-7ED2F8888F29}_is1" = Multiupload Batch Uploader 1.0
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.1.100 (03/2011)
"{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1" = Leawo Total Media Converter Ultimate version 6.0.0.1
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{BE34ED83-E18B-4aa4-8AB6-BD4E1E1D9314}_is1" = Aiseesoft MP4 Converter Suite 6.2.26
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1" = Ashampoo Snap 6 v.6.0.4
"{CCAC8107-29DE-4a48-92D9-6C7C278B17A4}_is1" = Tipard HD Video Converter 6.1.22
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D23B94EF-3D81-4EC7-B826-EF3D07F8C7AF}_is1" = HellShare Upload Manager verze 2.0.5
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D497065F-7E29-401E-892A-ADA4CE1EA2F7}" = Smart Cutter
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF27F674-821E-4BA2-985B-DDF539C2CD03}" = HP Support Assistant
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"Aimersoft Video Converter Ultimate_is1" = Aimersoft Video Converter Ultimate(Build 5.5.0.3)
"Aiseesoft HD Video Converter_is1" = Aiseesoft HD Video Converter 6.1.12
"Allok MP3 to AMR Converter_is1" = Allok MP3 to AMR Converter 3.0.2
"AutoGK" = Auto Gordian Knot 2.55
"Avidemux 2.6 - 64bits (64-bit)" = Avidemux 2.6 - 64bits
"AviSynth" = AviSynth 2.5
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8.5
"Google Chrome" = Google Chrome
"HelixYUVCodecs" = Helix YUV Codecs (remove only)
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}" = CyberLink PowerDirector 11
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"iSkysoft Video Converter Ultimate_is1" = iSkysoft Video Converter Ultimate(Build 4.5.1.0)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.4.0 (Basic)
"MKVtoolnix" = MKVtoolnix 4.3.0
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.1.100 (03/2011)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"uTorrent" = µTorrent
"VideoReDo4_is1" = VideoReDo TVSuite Version 4.20.6.619
"VLC media player" = VLC media player 2.1.2
"VobSub" = VobSub v2.23 (Remove Only)
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 6.7.1.0)
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"HPConnectedMusic" = HP Connected Music (Meridian - player)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20. 1. 2014 14:29:22 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 20. 1. 2014 15:49:23 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21. 1. 2014 1:24:45 | Computer Name = Alien8 | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 21. 1. 2014 3:24:26 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21. 1. 2014 7:44:44 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21. 1. 2014 10:50:19 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21. 1. 2014 12:08:18 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21. 1. 2014 12:27:50 | Computer Name = Alien8 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: tiger.exe, verze: 0.0.0.0, časové razítko:
0x50ed317a Název chybujícího modulu: ffbri.dll, verze: 0.0.0.0, časové razítko:
0x50c14d9a Kód výjimky: 0xc0000005 Posun chyby: 0x005f009e ID chybujícího procesu:
0x74c Čas spuštění chybující aplikace: 0x01cf16c5ba4b5952 Cesta k chybující aplikaci:
C:\Program Files (x86)\Leawo\Total Media Converter Ultimate\tiger.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Leawo\Total Media Converter Ultimate\ffbri.dll ID
zprávy: f80e25df-82b8-11e3-bf2a-4c72b9da4d39 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21. 1. 2014 12:43:50 | Computer Name = Alien8 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: tiger.exe, verze: 0.0.0.0, časové razítko:
0x50ed317a Název chybujícího modulu: ffbri.dll, verze: 0.0.0.0, časové razítko:
0x50c14d9a Kód výjimky: 0xc0000005 Posun chyby: 0x005f009e ID chybujícího procesu:
0x1714 Čas spuštění chybující aplikace: 0x01cf16c7f62bed5f Cesta k chybující aplikaci:
C:\Program Files (x86)\Leawo\Total Media Converter Ultimate\tiger.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Leawo\Total Media Converter Ultimate\ffbri.dll ID
zprávy: 340af2cd-82bb-11e3-bf2a-4c72b9da4d39 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21. 1. 2014 17:23:52 | Computer Name = Alien8 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

< End of report >

#25 Příspěvek od **Márty84** » 22 led 2014 10:22

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]

:services
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\HPCeeScheduleForJiri.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 14743812-0433-48cf-9bdc-4ab10ea55497.job
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\svchost*.exe
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9MK4L7ME\jusched*.exe
C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\jusched.exe
C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\svchost.exe
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\FVD1Q2CP\svchost*.exe
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\svchost*.exe
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9MK4L7ME\svchost*.exe

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.downha.com/vb/members/downha1398/
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKU\S-1-5-21-3537464858-1279074522-603390182-1001\..\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11322249.lnk = File not found
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_68537660.lnk = File not found
O4 - Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69027342.lnk = File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Jiri\*.tmp files -> C:\Users\Jiri\*.tmp -> ]
[2013/10/17 19:05:08 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/10/17 19:05:08 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2014/01/20 17:16:07 | 000,640,972 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\SearchIndexer.exe
[2014/01/20 17:16:10 | 000,418,041 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssl.exe
[2014/01/06 10:40:44 | 000,319,527 | ---- | M] () -- C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe
[2014/01/21 19:21:45 | 000,001,174 | ---- | M] () -- \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9WWQC4Y1\downloader[1].js
[2014/01/21 19:21:45 | 000,000,723 | ---- | M] () -- \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\downloaderror[1].js
@Alternate Data Stream - 992 bytes -> C:\Users\Jiri\AppData\Local\CJKqCoadJvTn:UO6c15vRk2HuKDYdlxkae
@Alternate Data Stream - 286 bytes -> C:\ProgramData\TEMP:3440EB47
@Alternate Data Stream - 199 bytes -> C:\Users\Jiri\SkyDrive:ms-properties
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0888F409
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:66633281

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54F73992-6549-4369-9A0D-84FD310A464A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C3BC26-4F2B-4997-A3CB-163337FE975B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D7E97865-918F-41E4-9CD0-25AB1C574CE8}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Xvid"=-
"SUPERAntiSpyware"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=-
"PowerDVD12DMREngine"=-
"PowerDVD12Agent"=-
"Aimersoft Helper Compact.exe"=-
"BrowserPlugInHelper"=-
"Wondershare Helper Compact.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

JiriHrabcuk · #26 Příspěvek od **JiriHrabcuk** » 22 led 2014 11:55

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Jiri
->Temp folder emptied: 1110574679 bytes
->Temporary Internet Files folder emptied: 5399578 bytes
->FireFox cache emptied: 47435252 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1050 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 271872 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 169300 bytes
RecycleBin emptied: 258414 bytes

Total Files Cleaned = 1 110,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Jiri
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\HPCeeScheduleForJiri.job moved successfully.
File\Folder C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 14743812-0433-48cf-9bdc-4ab10ea55497.job not found.
File\Folder C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\svchost*.exe not found.
File\Folder C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9MK4L7ME\jusched*.exe not found.
File\Folder C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\jusched.exe not found.
File\Folder C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\svchost.exe not found.
File\Folder C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\FVD1Q2CP\svchost*.exe not found.
File\Folder C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\svchost*.exe not found.
File\Folder C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9MK4L7ME\svchost*.exe not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ not found.
HKU\S-1-5-21-3537464858-1279074522-603390182-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3537464858-1279074522-603390182-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3537464858-1279074522-603390182-1001\Software\Microsoft\Internet Explorer\SearchScopes\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686C470E-C84E-4A5B-B2CD-5022B1FCAF48}\ not found.
C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_11322249.lnk moved successfully.
C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_68537660.lnk moved successfully.
C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_69027342.lnk moved successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\Users\Jiri\*.tmp not found.
C:\Users\Default\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit folder moved successfully.
Folder C:\Users\Default User\AppData\Roaming\IObit\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57E8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP960D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB694.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCAFF.tmp folder deleted successfully.
C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\SearchIndexer.exe moved successfully.
C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssl.exe moved successfully.
C:\Users\Jiri\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe moved successfully.
File \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\9WWQC4Y1\downloader[1].js not found.
File \Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE\M1DYE270\downloaderror[1].js not found.
ADS C:\Users\Jiri\AppData\Local\CJKqCoadJvTn:UO6c15vRk2HuKDYdlxkae deleted successfully.
ADS C:\ProgramData\TEMP:3440EB47 deleted successfully.
Unable to delete ADS C:\Users\Jiri\SkyDrive:ms-properties .
ADS C:\ProgramData\TEMP:0888F409 deleted successfully.
ADS C:\ProgramData\TEMP:66633281 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54F73992-6549-4369-9A0D-84FD310A464A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54F73992-6549-4369-9A0D-84FD310A464A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C3BC26-4F2B-4997-A3CB-163337FE975B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7C3BC26-4F2B-4997-A3CB-163337FE975B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xvid deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CLMLServer_For_P2G8 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PowerDVD12DMREngine deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PowerDVD12Agent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Aimersoft Helper Compact.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BrowserPlugInHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 01222014_115221

Files\Folders moved on Reboot...
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#27 Příspěvek od **Márty84** » 22 led 2014 12:09

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

JiriHrabcuk · #28 Příspěvek od **JiriHrabcuk** » 22 led 2014 12:39

Vypdá, že je vše OK, na ploše mě zůstaly 2 složky /Tento počítač a druhá s mím jménem / smazat-ponechat ?

DĚKUJI ZA POMOC A HLAVNĚ ZA TRPĚLIVOST !

#29 Příspěvek od **Márty84** » 22 led 2014 12:51

JiriHrabcuk píše:na ploše mě zůstaly 2 složky /Tento počítač a druhá s mím jménem / smazat-ponechat ?

Urcite nemazat! Kliknete na plochu pravym mysidlem a levym na napis Prizpusobit
Pak levym na napis Zmenit ikony plochy a tam ty dve ikony muzete odstranit (pokud to je teda ono).

Jeste odinstalujte MBAM, pokud jeste v pc je.

Nemate zac!

Muzem to tedy uzavrit?

JiriHrabcuk · #30 Příspěvek od **JiriHrabcuk** » 22 led 2014 13:12

Ano můžem a ještě jednou dík!

VIRY.CZ

Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64

Re: Prosím o kontrolu logu RSITx64