preventivni

Zpráva

bontik · #16 Příspěvek od **bontik** » 25 led 2014 14:47

jeste mi to napsalo po restartovani pc zapnete rizeni uzivatelskych uctu...mam restartovat?

#17 Příspěvek od **Márty84** » 25 led 2014 14:56

bontik píše:jeste mi to napsalo po restartovani pc zapnete rizeni uzivatelskych uctu...mam restartovat?

Muzete, ale nemusite, zalezi na vas, to nespecha.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

bontik · #18 Příspěvek od **bontik** » 25 led 2014 16:02

OTL logfile created on: 25.1.2014 15:02:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Downloads\programy
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,37 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 47,19% Memory free
6,75 Gb Paging File | 4,81 Gb Available in Paging File | 71,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,59 Gb Total Space | 27,43 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive D: | 231,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 5,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 243,88 Mb Total Space | 1,95 Mb Free Space | 0,80% Space Free | Partition Type: FAT

Computer Name: UZIVATEL-PC | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.25 15:00:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Downloads\programy\OTL.exe
PRC - [2013.12.21 06:52:44 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.12.21 06:52:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.07.29 18:33:22 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2013.02.27 19:18:59 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.11.11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

========== Modules (No Company Name) ==========

MOD - [2013.12.21 06:53:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.11 20:34:48 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.07.29 18:33:51 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.07.29 18:33:51 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.07.29 18:33:51 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.07.29 18:33:51 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.07.29 18:33:51 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.07.29 18:33:50 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.07.29 18:33:50 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.07.29 18:33:50 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.07.29 18:33:50 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.07.29 18:33:49 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2013.07.29 18:33:49 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.07.29 18:33:49 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.12.21 06:52:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2008.12.11 07:08:52 | 004,297,728 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:64bit: - [2007.02.06 06:45:30 | 000,080,384 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.11 20:34:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.27 19:18:59 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.23 21:08:11 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013.12.21 06:53:26 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.12.21 06:53:26 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.12.21 06:53:26 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.21 06:53:26 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.21 06:53:25 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.12.21 06:53:24 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.19 14:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.03 07:50:16 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.03.03 07:50:16 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.02.26 16:40:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.08.05 22:29:00 | 000,716,800 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.07.20 10:35:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.25 09:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.19 15:44:56 | 000,319,488 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tifm21.sys -- (tifm21)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 21:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.04.20 08:40:34 | 000,011,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CPQBttn64.sys -- (HBtnKey)
DRV:64bit: - [2008.04.24 17:25:48 | 000,402,432 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007.05.09 12:27:00 | 000,137,472 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2968677098-578229195-219959863-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2968677098-578229195-219959863-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2968677098-578229195-219959863-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2968677098-578229195-219959863-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2012.10.01 20:33:44 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_1\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
CHR - Extension: No name found = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.01.25 14:22:52 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Windows\SysNative\nwiz.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2968677098-578229195-219959863-1003..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2968677098-578229195-219959863-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2968677098-578229195-219959863-1003\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{193A2D5A-FF08-47AB-8D1A-28039522DD5D}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.04.10 08:23:14 | 000,000,065 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008.03.27 00:59:25 | 000,131,720 | R--- | M] () - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O33 - MountPoints2\{8c55bb0e-1f7a-11e2-8486-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8c55bb0e-1f7a-11e2-8486-806e6f6e6963}\Shell\AutoRun\command - "" = D:\_Autorun\Autorun.exe -- [1999.02.11 16:49:08 | 000,036,864 | R--- | M] (New World Computing)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.25 14:05:27 | 000,000,000 | ---D | C] -- C:\Users\Petr\Desktop\RK_Quarantine
[2014.01.25 13:16:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.24 17:53:47 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2014.01.24 17:50:56 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\ProcessLasso
[2014.01.24 17:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ProcessLasso
[2014.01.24 17:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
[2014.01.24 17:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\Process Lasso
[2014.01.24 17:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.01.24 17:07:23 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.22 19:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2014.01.22 18:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2014.01.15 16:08:44 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.01.15 16:08:44 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.01.15 16:08:41 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.01.05 17:18:20 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.01.05 17:18:15 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.01.05 17:18:15 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.01.05 17:18:15 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.01.04 18:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Petr\Desktop\*.tmp files -> C:\Users\Petr\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.25 15:07:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.25 15:05:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.25 14:13:10 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.25 13:59:39 | 000,028,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.25 13:59:39 | 000,028,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.25 13:52:39 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.25 13:51:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.25 13:51:41 | 2717,458,432 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.25 09:22:20 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.25 09:22:20 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.25 09:22:20 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.25 09:22:20 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.25 09:22:20 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.24 23:23:50 | 000,006,478 | ---- | M] () -- C:\Users\Petr\Desktop\proces.CSV
[2014.01.24 17:06:58 | 000,832,273 | ---- | M] () -- C:\Users\Petr\Desktop\RSITx64.exe
[2014.01.22 22:30:30 | 000,180,672 | ---- | M] () -- C:\Users\Petr\Desktop\plna_moc_3.pdf
[2014.01.18 21:40:34 | 000,060,209 | ---- | M] () -- C:\Users\Petr\Desktop\japanese-bondage-instructions.jpg
[2014.01.16 21:17:32 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.01.16 06:26:35 | 000,466,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.14 21:21:24 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.08 16:04:43 | 000,439,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswndisflt.sys
[2014.01.05 17:18:11 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.01.05 17:18:10 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.01.05 17:18:10 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.01.05 17:18:09 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.01.04 18:15:16 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Petr\Desktop\*.tmp files -> C:\Users\Petr\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.25 15:05:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.24 23:23:50 | 000,006,478 | ---- | C] () -- C:\Users\Petr\Desktop\proces.CSV
[2014.01.24 17:06:58 | 000,832,273 | ---- | C] () -- C:\Users\Petr\Desktop\RSITx64.exe
[2014.01.22 22:30:30 | 000,180,672 | ---- | C] () -- C:\Users\Petr\Desktop\plna_moc_3.pdf
[2014.01.18 21:40:34 | 000,060,209 | ---- | C] () -- C:\Users\Petr\Desktop\japanese-bondage-instructions.jpg
[2014.01.09 11:51:53 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.04 18:15:16 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2013.03.24 12:34:51 | 000,000,017 | ---- | C] () -- C:\Users\Petr\AppData\Local\resmon.resmoncfg
[2013.01.07 20:01:38 | 000,000,512 | ---- | C] () -- C:\Users\Petr\AppData\Local\SRDownloader.err
[2013.01.07 19:57:47 | 000,001,120 | ---- | C] () -- C:\Users\Petr\AppData\Local\SRDownloader.nast
[2012.12.02 19:54:57 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.02 19:54:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.02 17:32:25 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2012.12.01 11:44:15 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\nView.dll
[2012.12.01 11:44:15 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll
[2012.11.29 20:29:29 | 000,012,978 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\nvModes.001
[2012.11.29 11:48:20 | 000,012,978 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\nvModes.dat
[2012.05.04 14:56:10 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.05.04 14:56:10 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.05.04 14:56:10 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.05.04 14:56:09 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.05.04 12:26:04 | 001,555,776 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.12.24 00:26:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVAST Software
[2013.02.26 16:58:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2013.12.02 19:28:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dropbox
[2013.01.09 00:09:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GARMIN
[2013.02.16 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GeoGet
[2013.06.03 21:18:00 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2013.08.18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Jpeg Resampler
[2012.12.06 14:58:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\OpenOffice.org
[2012.11.30 16:30:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2014.01.24 17:50:56 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ProcessLasso
[2013.12.30 10:39:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2013.12.02 17:57:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2012.12.19 16:30:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2013.12.23 20:58:08 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\AVAST Software
[2013.10.03 20:08:43 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\DAEMON Tools Lite
[2012.10.26 16:01:49 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\GHISLER
[2012.12.09 11:31:08 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Opera
[2014.01.24 17:24:44 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\ProcessLasso
[2014.01.16 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Seznam.cz

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.20 16:47:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.11.27 05:57:08 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.27 05:57:10 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013.09.25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2013.09.25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

bontik · #19 Příspěvek od **bontik** » 25 led 2014 16:03

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3b26bc37575f07983b0fb2f4f0babdfc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3b26bc37575f07983b0fb2f4f0babdfc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp -> ]
[52 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.12.01 09:20:03 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2013.12.24 00:26:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVAST Software
[2013.02.26 16:58:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2013.12.02 19:28:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dropbox
[2013.01.09 00:09:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GARMIN
[2013.02.16 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GeoGet
[2013.06.03 21:18:00 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2010.11.21 03:51:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2013.08.18 08:21:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Jpeg Resampler
[2012.11.29 11:53:54 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2014.01.24 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2013.07.03 08:31:36 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2012.12.06 14:58:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\OpenOffice.org
[2012.11.30 16:30:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2014.01.24 17:50:56 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ProcessLasso
[2013.12.30 10:39:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2013.11.05 23:58:32 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Skype
[2013.12.02 17:57:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2012.12.19 16:30:59 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2012.12.01 10:36:27 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.09.12 21:51:40 | 000,724,480 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2012.01.29 20:10:38 | 008,059,771 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\GeoGet\script\GgStat\GgStat.exe
[2013.08.15 09:29:32 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
[2013.08.15 09:29:32 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Petr\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.01.08 09:41:08 | 003,674,320 | ---- | M] (DT Soft Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.25 15:05:01 | 000,000,512 | ---- | M] () MD5=251EBCA694059EAF21568B0FB408BF9A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\Petr\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2013.11.04 20:37:26 | 000,000,856 | ---- | M] () -- \Users\Petr\AppData\Roaming\Microsoft\Windows\Recent\Assassin's-Creed-1-CZ-Dabing-+-Crack.lnk
[2000.09.01 02:47:12 | 001,173,558 | ---- | M] () -- \Users\Petr\Downloads\AoE\Age Of Empires 2 CZ!!!!\crack.zip
[2013.03.03 17:13:54 | 217,069,323 | ---- | M] () -- \Users\Petr\Downloads\Hry\Assassin's-Creed-1-CZ-Dabing-+-Crack.iso

< *keygen* /s >
[2014.01.24 16:43:01 | 000,001,435 | ---- | M] () -- \Users\uživatel\AppData\Local\Opera\Opera\temporary_downloads\[kickass.to]extended.task.manager.v1.987.inc.keygen.rogue.torrent

< *AntiWPA* /s >

< *loader* /s >
[2013.09.30 20:25:55 | 000,007,498 | ---- | M] () -- \lcc\lib\dynloader.lib
[2012.10.01 20:47:24 | 000,268,384 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.10.01 20:47:24 | 000,019,048 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.03.15 10:28:24 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.10.01 20:47:24 | 000,364,128 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.10.01 20:47:24 | 000,019,048 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.09.25 19:49:02 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.09.25 19:49:03 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.09.25 19:49:11 | 001,183,660 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.09.25 19:49:10 | 000,006,274 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.09.25 19:49:10 | 000,005,853 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.09.25 19:49:12 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2013.10.09 17:07:12 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.10.09 17:07:12 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.10.09 17:07:12 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.10.09 17:07:12 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.10.09 17:07:12 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.10.09 17:07:12 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.01.07 20:02:59 | 000,000,512 | ---- | M] () -- \Users\Petr\AppData\Local\SRDownloader.err
[2013.01.07 20:17:13 | 000,001,120 | ---- | M] () -- \Users\Petr\AppData\Local\SRDownloader.nast
[2013.11.27 05:53:11 | 000,000,723 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\downloaderror[1].js
[2013.08.15 11:35:40 | 000,002,712 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader-profile[1].gif
[2013.08.15 12:32:58 | 000,002,971 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[1].gif
[2013.08.10 09:35:27 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[1].js
[2013.08.10 09:35:50 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[2].js
[2013.08.15 11:06:27 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[3].js
[2013.08.15 11:25:25 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[4].js
[2013.08.15 11:26:03 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[5].js
[2013.08.15 12:54:26 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\755SJPDZ\loader[6].js
[2013.08.15 11:36:27 | 000,001,686 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\gamepreloader[1].swf
[2013.08.10 09:35:27 | 000,001,849 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\loader-white-bg[1].gif
[2013.08.10 09:35:27 | 000,002,110 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\loader[1].gif
[2013.08.15 11:25:37 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\loader[1].js
[2013.08.10 09:37:40 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\loader[2].js
[2013.08.15 11:33:04 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BKBVRVMI\loader[3].js
[2013.08.15 11:35:34 | 000,004,814 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[1].gif
[2013.08.15 11:06:54 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[1].js
[2013.08.15 11:26:00 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[2].js
[2013.08.15 11:35:27 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[3].js
[2013.08.15 11:34:10 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[4].js
[2013.08.15 11:34:39 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[5].js
[2013.08.16 12:43:34 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[6].js
[2013.08.16 12:44:05 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6UCHC6F\loader[7].js
[2013.11.27 05:53:11 | 000,001,174 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\downloader[1].js
[2013.08.15 11:35:42 | 000,001,686 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\gamepreloader[1].swf
[2013.08.10 09:38:04 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[1].js
[2013.08.15 11:33:42 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[2].js
[2013.08.10 09:38:26 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[3].js
[2013.08.10 10:06:58 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[4].js
[2013.08.15 11:34:34 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[5].js
[2013.08.15 11:34:36 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[6].js
[2013.08.15 11:35:02 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[7].js
[2013.08.15 12:31:49 | 000,004,136 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORF8F66K\loader[8].js
[2012.12.01 08:14:05 | 000,009,427 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0KLEZ1VF\ajax-loader[1].gif
[2012.11.30 16:05:09 | 000,038,428 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0KLEZ1VF\jsloader-0174b04f5809-jquery.qtip[1].js
[2012.11.30 16:05:06 | 000,023,617 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0KLEZ1VF\jsloader-406f44846bc2[1].js
[2012.12.01 13:11:54 | 000,001,849 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0KLEZ1VF\loader-white-bg[1].gif
[2012.11.30 16:27:28 | 000,000,905 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0KLEZ1VF\TooltipLoader[1].css
[2012.11.30 16:05:06 | 000,178,860 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3NGW390D\cssloader-dab45fb39ec9-global[1].css
[2012.11.30 16:05:08 | 000,002,026 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3NGW390D\jsloader-f991e03f8bc8-poll[1].js
[2012.12.01 09:47:29 | 000,008,235 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3NGW390D\truck-loader[1].jpg
[2012.11.29 22:15:06 | 000,002,545 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\ajax-loader-downloading[1].gif
[2012.11.30 16:05:06 | 000,005,688 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\cssloader-4d589096059b-jquery.fancybox-1.3.0[1].css
[2012.11.30 16:05:09 | 000,006,102 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\jsloader-0b1de2c8cdea-xgemius[1].js
[2012.11.30 16:13:02 | 000,004,256 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\jsloader-11e684db0bff[1].js
[2012.11.30 16:05:06 | 000,091,884 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\jsloader-9daf2c409054[1].js
[2012.12.01 13:11:54 | 000,002,110 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\loader[1].gif
[2012.11.30 16:27:28 | 000,014,290 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D9LNE9WH\TooltipLoader[1].js
[2012.11.30 16:05:05 | 000,041,730 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TUVQBW4P\cssloader-7494ff156594-global_print[1].css
[2012.11.30 16:05:06 | 000,002,388 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TUVQBW4P\jsloader-c19e0180f07b-iinfobar[1].js
[2012.12.01 08:32:21 | 000,000,433 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TUVQBW4P\loader-vflff1Mjj[1].gif
[2012.12.01 13:20:13 | 000,004,011 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TUVQBW4P\loader[2].js
[2013.01.07 19:54:58 | 000,905,728 | ---- | M] () -- \Users\Petr\Downloads\programy\SRDownloader.exe
[2014.01.22 19:06:29 | 000,000,476 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UAWKFAS\ajax-loader-orange._V372210624_[1].png
[2013.10.03 12:01:01 | 000,162,384 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UAWKFAS\prealoader_bg[1].jpg
[2013.10.03 12:01:01 | 000,141,370 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UAWKFAS\preloader[1].swf
[2013.10.03 12:01:56 | 000,092,241 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\760I1OV5\ExternalPreloader_04_10_2011[1].swf
[2013.10.30 13:30:42 | 000,000,673 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9SEDVIJQ\loader[1].gif
[2013.09.23 16:47:48 | 000,000,273 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L4JC1NMX\ajax-loader-advert[1].png
[2013.10.30 15:24:40 | 000,008,599 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OLTJVVW6\loader[1].js
[2013.10.03 12:01:14 | 000,006,768 | ---- | M] () -- \Users\uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OXVLZTS7\mlf.loadertip[1].xml
[2012.09.13 14:45:58 | 000,058,424 | ---- | M] () -- \Users\uživatel\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
[2012.08.07 13:39:12 | 000,000,165 | ---- | M] () -- \Users\uživatel\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012.08.13 18:05:28 | 000,000,235 | ---- | M] () -- \Users\uživatel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012.08.13 18:05:26 | 000,000,130 | ---- | M] () -- \Users\uživatel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2013.07.13 09:21:53 | 000,015,872 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.In#\d4bd2ef91a3d1c57dc3bf8a58abff1c4\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2013.03.16 18:28:28 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2014.01.25 15:01:16 | 000,063,602 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 09:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 09:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 09:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 09:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 09:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.11.29 22:21:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.11.29 22:21:42 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.11.29 22:21:42 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.11.29 22:21:42 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.11.29 22:21:42 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.10.01 20:32:44 | 000,166,864 | ---- | M] () -- \Program Files (x86)\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2012.10.01 20:32:44 | 000,209,360 | ---- | M] () -- \Program Files (x86)\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.09.28 21:01:23 | 000,302,020 | ---- | M] () -- \Program Files\Eclipse\eclipse\plugins\org.apache.xml.serializer_2.7.1.v201005080400.jar
[2013.09.25 19:48:21 | 000,015,752 | ---- | M] () -- \Program Files\Java\jdk1.7.0_40\bin\serialver.exe
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 07:33:41 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.15 07:51:40 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.15 07:30:21 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.15 07:56:10 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.10.10 21:50:36 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.08.15 07:24:15 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.10 21:54:08 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.10.10 22:17:53 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013.08.15 07:13:32 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.08.15 07:15:35 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.13 11:09:47 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010.03.18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.10.10 20:44:16 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.10 20:44:15 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.10 20:44:21 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.11.29 22:21:42 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.11.29 22:21:42 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 09:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 09:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.04.12 09:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6392 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >

bontik · #20 Příspěvek od **bontik** » 25 led 2014 16:04

OTL Extras logfile created on: 25.1.2014 15:02:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Downloads\programy
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,37 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 47,19% Memory free
6,75 Gb Paging File | 4,81 Gb Available in Paging File | 71,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,59 Gb Total Space | 27,43 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive D: | 231,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 5,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 243,88 Mb Total Space | 1,95 Mb Free Space | 0,80% Space Free | Partition Type: FAT

Computer Name: UZIVATEL-PC | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CBEB39-D50B-4287-8013-2C1032066A89}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A11F59A-BE7E-45D2-AED8-6527E24B923E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{157CAA72-D9DF-465D-904E-ACFE69F9A109}" = rport=445 | protocol=6 | dir=out | app=system |
"{174BFB7F-AED8-48C3-994F-AEB9862E3B1D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{195BFA65-D9F0-4F44-9B14-301A196E9017}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1FFDFBAD-EDBB-4FDC-955C-E3E77BCC28A9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2D5F5954-FB56-467E-976D-6DB319011695}" = rport=137 | protocol=17 | dir=out | app=system |
"{428D88B6-C29B-4CDC-9CFB-89812A158D5D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42CE4663-9214-4FBC-B30B-E01E0395330E}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{42F81A08-B593-45C3-98C9-2022A7A5545A}" = rport=139 | protocol=6 | dir=out | app=system |
"{4B0486A7-F7F0-4EF1-A5C6-6960FA39526A}" = rport=138 | protocol=17 | dir=out | app=system |
"{518ECDD7-1558-4E55-9F14-5E3B3CE8DB3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{522DFB05-DE49-4325-B670-04BB8569EA1A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{52CE16CA-DEDF-443B-AEA4-297DB99A3492}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{5651CB35-FEFD-41F8-B028-8EF137E6B2C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5782D5C6-FAEF-4CDC-9A68-ACB12600DD2F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{596E1794-08CE-4EB3-BE12-A551E82D3E63}" = lport=137 | protocol=17 | dir=in | app=system |
"{72481082-9B8B-4C8C-8E62-C87601D6A9E9}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{813C5ACD-B258-4540-9683-958A206A47D1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\outlook.exe |
"{885A0184-7D0B-4665-9CAF-0DEDA540C9EC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{91CE7C4B-B6B7-4AD0-AD5B-8DD6D9B2EF54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9343C9FA-A859-4B73-A140-BBAA55C6CC2B}" = lport=138 | protocol=17 | dir=in | app=system |
"{B2461945-E54C-49E3-860B-0D121B688701}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C5607317-FABD-4F3D-BF80-3752998E2383}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D2EF149E-F535-46A1-9FA4-663438943491}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D48309F9-8566-465E-8082-3949A56DAE61}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DE654088-B22F-456F-91DF-72E7E558A499}" = lport=139 | protocol=6 | dir=in | app=system |
"{E6221C09-E9A7-44C6-9C8F-DF32E294A7C5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ECAC2343-ECA8-464E-9155-97BDF7DEB7FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F71EAB4C-CA97-41A0-8F5F-344E190EB230}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0049BD4A-2701-471B-BF85-C430A99076F0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0D85DC98-0D1E-43CF-A579-3BE3E6B6FFED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1B2FD798-5D0F-407C-B24A-6FB287FFD7B6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22486119-0878-45DB-BE9E-8AA14F0DECB9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A313618-93BB-4C5A-A576-652C3F935B48}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{2BAF2527-28E5-4C86-940C-87A11FDB0E66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C2329FE-24E1-46C1-9CCE-99A2C60EA192}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{33201BA3-754F-4F97-911B-7116F0666C67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3696B6E5-4019-47E3-8849-C976DB846A6C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{37B91A44-AB9E-4145-8513-5771835E70CF}" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\kmsnano\qemu-system-i386.exe |
"{38F9A2B7-8879-4002-BEE8-4C9535B708BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3C2C119A-F8F0-4CBF-A7E1-75CEEB8005C4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{46DE028A-B8D9-4B60-B830-1F7CD4F60CA1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4ACA0576-200C-48B9-9020-2F8A5E5E13CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4EF7054B-EC7C-4764-A9E8-861D192473F3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F809EF2-3F7F-4D12-AB98-15BE08AFF5FE}" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\kmsnano\qemu-system-i386.exe |
"{61F78849-5DD0-4C68-9017-3C84AC2A02CE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{6747D537-BDD5-47CB-BC60-3F327D103E67}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74FF1D15-2DC2-4D6D-B0E0-2842C9BCC334}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{83AE8171-BA4F-45C0-81DC-342264AF098B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8AA8AEAB-616A-4AAF-90EE-163A071B4B2E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{8F9B84FE-8C5B-44C8-9A37-2FA9D01FD600}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{90FB763E-8D52-4208-9A21-FBBD2E4EE5F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9810D747-D51C-4C60-B0BF-E3DF7DAAC742}" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"{9CD608EB-00E1-44E6-9823-11BCA30B6691}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A502B3F7-36A6-4984-B9CC-2D98D5139FE2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B182F611-8DF1-4340-BA79-81330FE292DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C3D2E297-9348-40A0-9EBD-053CFA07FD25}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{DA68E847-C409-401E-B634-3597951814AB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DE05CE2E-7BF9-4CD1-8CF2-80688F552D79}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DF88058D-BB36-4511-8CDB-01D82C8CF5DF}" = protocol=6 | dir=out | app=system |
"{E4F632C6-A892-4E67-8C00-8ACAE1680AD7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E60FA35C-D8AC-4A07-A61B-3F1DE4C267A8}" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"{EA4BDC0E-176C-4649-A7A2-2BC7BC1EDF6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F70AD1E5-FA41-4A86-BF26-ED3E023D4BF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{08BDFFCE-13D7-419E-A202-FF3D753F44A9}C:\users\petr\downloads\aoe\age of empires 2 cz!!!!\empires2.exe" = protocol=6 | dir=in | app=c:\users\petr\downloads\aoe\age of empires 2 cz!!!!\empires2.exe |
"TCP Query User{16815240-1F04-43F9-8F43-B29BC94D3878}C:\users\petr\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{4229E661-F171-407F-9A37-92EA814DC25A}C:\hry\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=c:\hry\far cry 3\bin\farcry3.exe |
"TCP Query User{430B046F-28BA-4E1B-B460-26CE20964109}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{50DCE268-E263-48EC-93D8-B32F83AD269D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{5766FA4D-AB8C-43A2-A512-740D80ED8F5D}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{662B4890-71EB-4E90-B399-EFE959B7A386}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{C07A165A-1A49-467C-A692-A2B496BB82A2}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{0D4C1F30-3B2C-44A6-8104-011A4C8BDC00}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{1C395E79-FE5A-4025-80D4-635A40D053BE}C:\users\petr\downloads\aoe\age of empires 2 cz!!!!\empires2.exe" = protocol=17 | dir=in | app=c:\users\petr\downloads\aoe\age of empires 2 cz!!!!\empires2.exe |
"UDP Query User{1E90B602-CF80-4BE9-8B22-9F3E36A0E056}C:\hry\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=c:\hry\far cry 3\bin\farcry3.exe |
"UDP Query User{8E275EE0-CF22-4EEA-8B76-A5475A3B85F9}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{9035FDC0-7C5B-465B-9F05-BA9EF959A41F}C:\users\petr\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D0662CAA-9B07-40D7-A418-C59849615C7D}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{F5A61A34-0462-4958-83E3-DAC6817C0BFC}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{FFDEF975-6570-4AC2-83BB-F03E2EEA3630}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{64A3A4F4-B792-11D6-A78A-00B0D0170400}" = Java SE Development Kit 7 Update 40 (64-bit)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2013
"{90150000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2013
"{90150000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"nView Desktop Manager" = NVIDIA nView Desktop Manager

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BAA95A7-4303-11D6-851F-00C0CA129740}" = Heroes of Might and Magic® II
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{767B964C-D9B4-422D-802B-F7ACBE2D310A}" = TIPCI
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-0000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-0000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-0000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-0000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-0000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-0000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-0000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-0000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-0000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-0000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-0000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-0000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-0000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-0000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-0000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-0000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-0000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-0000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-0000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-0000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-0000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00E1-0405-0000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-0000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-0000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-0000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-0000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-0000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B54B8CD3-E12B-4C29-AF5A-2101E2FF5F53}" = TIPCI
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C405734B-E2AD-DC87-5FFE-1D69C6759361}_is1" = Aktivator Microsoft Office Professional Plus 2013 (32-64bit) version for Windows
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{ED45BEA5-3E7F-423F-80AE-9D9E5809959A}" = TOPO Czech PRO 2012
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"avast" = avast! Free Antivirus
"CzechRep_by_Dave_Luv" = CzechRep_by_Dave_Luv
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{0BAA95A7-4303-11D6-851F-00C0CA129740}" = Heroes of Might and Magic® II
"InstallShield_{767B964C-D9B4-422D-802B-F7ACBE2D310A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{B54B8CD3-E12B-4C29-AF5A-2101E2FF5F53}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.4.0
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"OpenTTD" = OpenTTD 1.2.3
"Opera 12.16.1860" = Opera 12.16
"ProcessLasso" = Process Lasso
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2968677098-578229195-219959863-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.1.2014 16:24:23 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

Error - 5.1.2014 11:28:48 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

Error - 8.1.2014 13:24:19 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

Error - 8.1.2014 14:05:25 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.1.2014 11:15:03 | Computer Name = uživatel-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswKbd. System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 10.1.2014 11:15:03 | Computer Name = uživatel-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall
Driver. System Error: Systém nemůže nalézt uvedený soubor. .

Error - 12.1.2014 11:06:53 | Computer Name = uživatel-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswKbd. System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 12.1.2014 11:06:53 | Computer Name = uživatel-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall
Driver. System Error: Systém nemůže nalézt uvedený soubor. .

Error - 14.1.2014 1:08:25 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.1.2014 16:18:34 | Computer Name = uživatel-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 1.10.2013 11:29:25 | Computer Name = uživatel-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby CertPropSvc bylo dosaženo časového
limitu (30000 ms).

Error - 1.10.2013 11:29:37 | Computer Name = uživatel-PC | Source = DCOM | ID = 10010
Description =

Error - 1.10.2013 11:33:12 | Computer Name = uživatel-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:31:30, ?1.?10.?2013) bylo neočekávané.

Error - 1.10.2013 11:36:18 | Computer Name = uživatel-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 1.10.2013 11:36:18 | Computer Name = uživatel-PC | Source = Service Control Manager | ID = 7000
Description = Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 1.10.2013 11:37:31 | Computer Name = uživatel-PC | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 1.10.2013 11:37:31 | Computer Name = uživatel-PC | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 1.10.2013 11:37:31 | Computer Name = uživatel-PC | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 1.10.2013 11:37:31 | Computer Name = uživatel-PC | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 3.10.2013 12:28:55 | Computer Name = uživatel-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

< End of report >

#21 Příspěvek od **Márty84** » 25 led 2014 16:26

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2968677098-578229195-219959863-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
O2 - BHO: (no name) - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No CLSID value found.
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O15 - HKU\S-1-5-21-2968677098-578229195-219959863-1003\..Trusted Domains: localhost ([]http in Internet)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Petr\Desktop\*.tmp files -> C:\Users\Petr\Desktop\*.tmp -> ]
[2013.12.30 10:39:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2014.01.16 16:05:43 | 000,000,000 | ---D | M] -- C:\Users\uživatel\AppData\Roaming\Seznam.cz
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3b26bc37575f07983b0fb2f4f0babdfc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3b26bc37575f07983b0fb2f4f0babdfc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\*.tmp -> ]
[52 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
@Alternate Data Stream - 6392 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

bontik · #22 Příspěvek od **bontik** » 25 led 2014 16:37

Avast vubec nereaguje..

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: Petr
->Temp folder emptied: 981030556 bytes
->Temporary Internet Files folder emptied: 493637314 bytes
->Java cache emptied: 242167 bytes
->Google Chrome cache emptied: 11640515 bytes
->Opera cache emptied: 70098647 bytes
->Flash cache emptied: 29600 bytes

User: Public

User: uživatel
->Temp folder emptied: 226327869 bytes
->Temporary Internet Files folder emptied: 315593476 bytes
->Java cache emptied: 786 bytes
->Google Chrome cache emptied: 10089061 bytes
->Opera cache emptied: 74185858 bytes
->Flash cache emptied: 65424 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 16696 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 519758330 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36116438 bytes
RecycleBin emptied: 34019090 bytes

Total Files Cleaned = 2 644,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

User: uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2968677098-578229195-219959863-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2968677098-578229195-219959863-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Petr\Desktop\~WRL2540.tmp deleted successfully.
C:\Users\Petr\AppData\Roaming\Seznam.cz\~~erase-567841564-18536-47813.$$$ folder moved successfully.
C:\Users\Petr\AppData\Roaming\Seznam.cz folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\uninstall folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules\JAK folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules\components\subclasses\email folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules\components\subclasses folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules\components folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules\classes folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\modules folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data\chrome folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall\data folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\ffinstall folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data\chrome folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\data folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\conf\szndesktop.d folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\conf\libfoxcub folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\conf folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz\bin folder moved successfully.
C:\Users\uživatel\AppData\Roaming\Seznam.cz folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2384.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8441.tmp\Microsoft.Build.Tasks.v3.5.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8441.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF881.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP235.tmp\System.Data.Services.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP235.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3E68.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4D55.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC87C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\3b26bc37575f07983b0fb2f4f0babdfc\BITDF14.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\ae5723efc251d9249233ffe24e20334a\BITD5CD.tmp deleted successfully.
ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01252014_162902

Files\Folders moved on Reboot...
C:\Users\Petr\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

bontik · #23 Příspěvek od **bontik** » 25 led 2014 17:17

Jak to tady tak studuju narazil jsem na program returnil

http://technet.idnes.cz/vime-jak-z-wind ... ftware_dvr

co si o tom myslite?

A jeste zajimave je ze AVAST mi blokuje stranku chip.cz pry je tm trojan..

#24 Příspěvek od **Márty84** » 25 led 2014 18:20

bontik píše:Jak to tady tak studuju narazil jsem na program returnil
co si o tom myslite?

Nemam s nim zadne zkusenosti, takze nebudu hodnotit.

bontik píše:A jeste zajimave je ze AVAST mi blokuje stranku chip.cz pry je tm trojan..

Ano, mi taky. Na stranku samotnou ale pusti. S tim ale nic nenadelam

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

bontik · #25 Příspěvek od **bontik** » 25 led 2014 21:55

Ahoj tak vsechno jede jak maa jeste pres noc dam ten defragler ale delal jsem defragmentaci asi pred mesicem tak by to melo byt ok..dekuji mnohokrate

#26 Příspěvek od **Márty84** » 25 led 2014 22:46

Zalezi cim jste ji delal. Ta systemova za moc nestoji. Pokud jste pouzil nejaky specializovany program, mela by to byt rychlovka

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni

Re: preventivni