Preventivka

[Márty84]

Seznam software odinstalujte, pokud to nepouzivate.


Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[Juric]

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jirik [Práva správce]
Mód : Odebrat -- Datum : 02/14/2014 10:31:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jirik\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jirik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-129278174-98504208-4226844520-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jirik\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-129278174-98504208-4226844520-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jirik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 19ef737ae41538091dda1058c7d4dc08
[BSP] cad6eae1582d2adebec2280422cd15c1 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18432 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 37750784 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37955584 | Size: 696870 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02142014_103100.txt >>
RKreport[0]_S_02132014_235210.txt;RKreport[0]_S_02142014_103055.txt





RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jirik [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/14/2014 10:31:07
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_02142014_103107.txt >>
RKreport[0]_D_02142014_103100.txt;RKreport[0]_S_02132014_235210.txt;RKreport[0]_S_02142014_103055.txt

[Márty84]

Dejte novy log z RSIT

[Juric]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirik at 2014-02-14 16:07:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 84 GB (12%) free of 697 GB
Total RAM: 8044 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:52, on 14.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jirik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jirik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12509 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 3396368
\??\C:\Windows\system32\conhost.exe "-15803502799274531031871692098-1111401949-11744431781039551571-1231375049-290069335
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\WindowsMobile\wmdc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Dolby PCEE4\pcee4.exe" -autostart
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2005900810-1662530071-129140985812553680582919508619701841301032556920-766658994
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/440"
"C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5568.0.903996116\1857170012" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --disable-accelerated-video-decode --reduce-gpu-sandbox --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="5568.2.1743070910\537274444" /prefetch:673131151
"C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="5568.4.387787577\1470395746" /prefetch:673131151
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\Jirik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="5568.5.151478715\1262907697" /prefetch:673131151
"C:\Users\Jirik\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-02 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-02 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-02 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-02 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-02 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-02 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-02 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-02 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-21 416024]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-18 11786344]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-04-24 399736]
"FixMyRegistry"=C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss []
"Google Update"=C:\Users\Jirik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-31 657056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-31 790176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW7]
C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Jirik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2012-11-24 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
C:\Program Files (x86)\ESET\MiNODLogin\TNod User & Password Finder\TNODUP.exe /i []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-04-24 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Actualizar la licencia de ESET.lnk]
C:\PROGRA~2\ESET\MINODL~1\launcher.exe -d 10000 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-02 3767096]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 389632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-13 12:02:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-13 12:02:18 ----A---- C:\Windows\system32\vbscript.dll
2014-02-13 12:01:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-13 12:01:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-13 12:01:09 ----A---- C:\Windows\system32\msrating.dll
2014-02-13 12:01:08 ----A---- C:\Windows\system32\ieui.dll
2014-02-13 12:01:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-02-13 12:01:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-13 12:01:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-13 12:01:07 ----A---- C:\Windows\system32\iesysprep.dll
2014-02-13 12:01:07 ----A---- C:\Windows\system32\iesetup.dll
2014-02-13 12:01:07 ----A---- C:\Windows\system32\iernonce.dll
2014-02-13 12:01:07 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-13 12:01:06 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-13 12:01:06 ----A---- C:\Windows\system32\iertutil.dll
2014-02-13 12:01:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-13 12:01:04 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-13 12:01:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-02-13 12:01:03 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 12:01:03 ----A---- C:\Windows\system32\jscript.dll
2014-02-13 12:01:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-13 12:01:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-13 12:01:01 ----A---- C:\Windows\system32\urlmon.dll
2014-02-13 12:01:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-13 12:01:00 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-13 12:00:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-13 12:00:59 ----A---- C:\Windows\system32\wininet.dll
2014-02-13 12:00:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-13 12:00:57 ----A---- C:\Windows\system32\ieframe.dll
2014-02-13 12:00:55 ----A---- C:\Windows\system32\mshtml.dll
2014-02-13 12:00:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 14:52:46 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 14:52:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 14:52:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 14:52:45 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 14:52:34 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 14:52:34 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 14:52:34 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 14:52:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 14:52:34 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 14:52:33 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 14:52:33 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 14:52:33 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 14:52:33 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 14:52:33 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 14:52:33 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 14:52:33 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 14:52:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 14:52:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 14:52:32 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 14:52:32 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 14:52:32 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 14:52:32 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 14:52:14 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 14:52:14 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 14:52:13 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 14:52:13 ----A---- C:\Windows\system32\d2d1.dll
2014-02-09 06:33:32 ----D---- C:\Users\Jirik\AppData\Roaming\Mozilla
2014-02-07 22:51:11 ----D---- C:\Program Files (x86)\Seznam.cz
2014-02-07 22:50:48 ----D---- C:\Users\Jirik\AppData\Roaming\Seznam.cz
2014-02-07 22:50:39 ----D---- C:\Program Files (x86)\SmartTweak
2014-02-07 22:50:28 ----D---- C:\Program Files (x86)\XeMu360
2014-02-07 21:47:26 ----D---- C:\Windows\SYSWOW64\NV
2014-02-07 21:47:26 ----D---- C:\Windows\system32\NV
2014-02-07 21:47:16 ----D---- C:\ProgramData\NVIDIA
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvshext.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvmctray.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-02-07 19:09:23 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-02-07 19:08:21 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-02-07 19:08:21 ----A---- C:\Windows\system32\OpenCL.dll
2014-02-07 18:57:54 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-07 18:57:54 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-07 18:57:54 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-07 18:57:54 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-07 18:57:53 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvdispgenco6433221.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvdispco6433221.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-07 18:57:53 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-02-07 18:57:53 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-05 13:34:45 ----D---- C:\Program Files\Ekahau
2014-02-02 18:54:53 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 18:54:53 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-02-02 17:25:00 ----D---- C:\AdwCleaner
2014-02-02 17:00:20 ----D---- C:\Users\Jirik\AppData\Roaming\AVAST Software
2014-02-02 16:59:35 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-02-02 16:59:33 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-02-02 16:59:31 ----A---- C:\Windows\system32\aswBoot.exe
2014-02-02 16:59:29 ----A---- C:\Windows\avastSS.scr
2014-02-02 16:56:54 ----D---- C:\Program Files\AVAST Software
2014-02-02 16:56:24 ----D---- C:\ProgramData\AVAST Software
2014-02-02 13:56:20 ----D---- C:\Program Files\trend micro
2014-02-02 13:56:19 ----D---- C:\rsit
2014-02-02 13:51:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-02-02 13:50:49 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-02-02 13:50:43 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-02-02 13:50:43 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-02-02 13:50:43 ----A---- C:\Windows\SYSWOW64\java.exe
2014-02-02 13:50:32 ----D---- C:\Program Files (x86)\Java
2014-02-02 13:48:56 ----A---- C:\Windows\system32\javaws.exe
2014-02-02 13:48:50 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-02 13:48:50 ----A---- C:\Windows\system32\javaw.exe
2014-02-02 13:48:50 ----A---- C:\Windows\system32\java.exe
2014-02-02 13:48:40 ----D---- C:\Program Files\Java
2014-02-02 13:45:19 ----D---- C:\Program Files\Wireshark
2014-02-02 13:40:56 ----D---- C:\Program Files (x86)\Secunia
2014-01-15 03:32:29 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 03:32:29 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 03:32:28 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 03:32:28 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 03:32:28 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 03:32:28 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 03:32:28 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 03:32:27 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 03:32:26 ----A---- C:\Windows\system32\drivers\netio.sys

======List of files/folders modified in the last 1 month======

2014-02-14 16:07:52 ----D---- C:\Windows\Prefetch
2014-02-14 16:07:46 ----D---- C:\Users\Jirik\AppData\Roaming\uTorrent
2014-02-14 10:30:52 ----D---- C:\Windows\system32\drivers
2014-02-14 04:41:16 ----D---- C:\Windows\system32\config
2014-02-14 03:38:09 ----D---- C:\Windows\Temp
2014-02-14 00:42:19 ----D---- C:\Program Files (x86)\Steam
2014-02-13 13:03:34 ----D---- C:\Windows\rescache
2014-02-13 12:40:18 ----D---- C:\Windows\Microsoft.NET
2014-02-13 12:34:57 ----SHD---- C:\Windows\Installer
2014-02-13 12:32:35 ----RSD---- C:\Windows\assembly
2014-02-13 12:16:41 ----A---- C:\Windows\SYSWOW64\log.txt
2014-02-13 12:14:37 ----D---- C:\Windows\winsxs
2014-02-13 12:12:36 ----D---- C:\Windows\SysWOW64
2014-02-13 12:12:36 ----AD---- C:\Windows\System32
2014-02-13 12:12:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-13 12:12:30 ----D---- C:\Windows\system32\cs-CZ
2014-02-13 12:12:28 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-13 12:12:22 ----D---- C:\Program Files\Internet Explorer
2014-02-13 12:03:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-13 12:03:45 ----D---- C:\Windows\inf
2014-02-13 12:03:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-13 12:02:56 ----D---- C:\Windows\system32\catroot
2014-02-13 12:01:32 ----D---- C:\Windows\system32\catroot2
2014-02-13 12:00:20 ----SHD---- C:\System Volume Information
2014-02-13 07:59:22 ----D---- C:\Users\Jirik\AppData\Roaming\vlc
2014-02-11 13:33:01 ----D---- C:\Program Files (x86)
2014-02-07 22:40:47 ----D---- C:\Users\Jirik\AppData\Roaming\dvdcss
2014-02-07 21:47:16 ----HD---- C:\ProgramData
2014-02-07 20:53:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-07 19:09:48 ----D---- C:\temp
2014-02-07 19:09:17 ----D---- C:\Windows\Help
2014-02-07 19:09:17 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-07 19:07:59 ----D---- C:\ProgramData\NVIDIA Corporation
2014-02-07 19:07:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-07 19:07:30 ----D---- C:\Windows\system32\DriverStore
2014-02-05 13:34:45 ----RD---- C:\Program Files
2014-02-02 17:19:32 ----D---- C:\Windows
2014-02-02 16:59:46 ----D---- C:\Windows\system32\Tasks
2014-02-02 13:52:19 ----D---- C:\Windows\SYSWOW64\Adobe
2014-02-02 13:50:30 ----D---- C:\Program Files (x86)\Common Files
2014-02-01 08:21:59 ----D---- C:\Windows\Minidump
2014-01-30 00:27:56 ----SD---- C:\Users\Jirik\AppData\Roaming\Microsoft
2014-01-17 17:53:06 ----RD---- C:\Users
2014-01-17 17:52:41 ----D---- C:\Games
2014-01-17 17:43:44 ----D---- C:\Program Files (x86)\Empire Interactive
2014-01-17 17:43:24 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-15 12:04:19 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 12:03:35 ----D---- C:\Windows\system32\MRT
2014-01-15 12:00:38 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-02 207904]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-12-19 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2013-01-15 2687592]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-02 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-02 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-02 421704]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-13 283064]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2013-12-28 31648]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-10-26 237400]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-10-26 119640]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-02 78648]
R2 EkaProt6;Ekahau User Protocol Driver for NDIS 6; C:\Windows\system32\DRIVERS\ekaprot6.sys [2012-03-23 27288]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-02 80184]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-31 29344]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-09-18 2819560]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-10-26 146264]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2013-03-04 4608]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-31 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-03-31 51872]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-31 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-03-31 109216]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-31 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-31 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-31 283296]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-31 287392]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-01-19 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-01-19 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2013-01-16 33344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-10-26 105816]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-31 75936]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-02 50344]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-12-19 922912]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-11 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-02 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-03 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-08 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07 257928]
S4 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2013-01-15 538000]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 vncserver;VNC Server; C:\Program Files\RealVNC\VNC Server\vncserver.exe [2013-03-04 4774208]

-----------------EOF-----------------

[Márty84]

Jeste jeden sken a budem mazat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Juric]

Vyskočila chyba, že nelze vytvořit cmd.bat na Plochu

[Márty84]

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[Juric]

OTL logfile created on: 14.2.2014 17:43:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,86 Gb Total Physical Memory | 4,54 Gb Available Physical Memory | 57,85% Memory free
15,71 Gb Paging File | 12,35 Gb Available in Paging File | 78,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,54 Gb Total Space | 85,51 Gb Free Space | 12,57% Space Free | Partition Type: NTFS

Computer Name: JIRIK-PC | User Name: Jirik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.14 16:36:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirik\Desktop\OTL.exe
PRC - [2014.02.11 06:45:53 | 001,824,000 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014.02.02 16:59:28 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.02.02 16:59:28 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013.12.10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.12.06 15:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2013.12.06 15:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013.12.06 15:47:18 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013.10.18 02:35:01 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.09.11 15:57:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.04.24 15:08:56 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011.07.01 03:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.07.01 03:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.07.01 03:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.07.01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.04.30 08:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011.02.01 22:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 22:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.02 16:59:28 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.02.02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014.02.02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2014.01.27 20:02:52 | 001,138,088 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014.01.11 00:33:44 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014.01.11 00:33:42 | 000,717,312 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.12.19 21:33:31 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.02.02 16:59:28 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.12.10 03:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.03.04 12:31:38 | 004,774,208 | ---- | M] (RealVNC Ltd) [Disabled | Stopped] -- C:\Program Files\RealVNC\VNC Server\vncserver.exe -- (vncserver)
SRV:64bit: - [2013.01.15 01:31:21 | 000,538,000 | ---- | M] (Protection Technology) [Disabled | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01)
SRV:64bit: - [2012.11.02 01:17:44 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011.08.02 20:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.02.07 20:53:05 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.12.06 15:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013.12.06 15:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.09.11 15:57:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.07.10 02:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.03 04:14:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.07.01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.04.30 08:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.04.24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011.03.31 14:36:44 | 000,075,936 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.02.01 22:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 22:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.02 16:59:29 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.02 16:59:29 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.02.02 16:59:29 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.02.02 16:59:29 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.02.02 16:59:29 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.02.02 16:59:29 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.02.02 16:59:29 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.01.13 14:59:53 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.12.28 14:57:18 | 000,031,648 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2013.12.19 21:33:31 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.12.06 15:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013.12.05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.04 11:55:00 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
DRV:64bit: - [2013.01.19 11:24:17 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2013.01.19 11:24:17 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2013.01.16 03:12:33 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2013.01.15 01:31:21 | 002,687,592 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01)
DRV:64bit: - [2012.10.26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.23 12:54:38 | 000,027,288 | ---- | M] (Ekahau Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekaprot6.sys -- (EkaProt6)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.20 11:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011.09.20 11:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011.07.14 06:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.14 06:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.06.10 19:16:10 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.08 17:36:14 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.05.16 23:57:32 | 000,051,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2011.05.10 04:42:16 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011.05.06 19:11:12 | 000,086,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2011.04.26 19:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.05 12:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.03.31 14:36:58 | 000,287,392 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.31 14:36:58 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.31 14:36:58 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.31 14:36:56 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.31 14:36:56 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.31 14:36:56 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.03.31 14:36:56 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.31 14:36:56 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.31 14:36:56 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.01.21 03:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2011.01.21 03:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.21 04:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.04.28 00:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.28 00:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 22:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 22:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\..\SearchScopes\{8F51A8E3-9BB4-4C92-A8E2-3960956C8DFC}: "URL" = http://start.funmoods.com/results.php?f ... earchTerms}
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jirik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Jirik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jirik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jirik\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jirik\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2012.10.04 23:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jirik\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.02.14 10:31:06 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-129278174-98504208-4226844520-1001..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss File not found
O4 - HKU\S-1-5-21-129278174-98504208-4226844520-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.242.95.7 81.200.55.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8526F4D3-1BDF-4DBC-B259-393D4E07986D}: DhcpNameServer = 77.242.95.7 81.200.55.34
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3a1dfa3a-7ac1-11e2-8e2a-dc0ea152fc65}\Shell - "" = AutoRun
O33 - MountPoints2\{3a1dfa3a-7ac1-11e2-8e2a-dc0ea152fc65}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{a2ec036f-6220-11e2-9af6-dc0ea152fc65}\Shell - "" = AutoRun
O33 - MountPoints2\{a2ec036f-6220-11e2-9af6-dc0ea152fc65}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.02.14 16:36:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jirik\Desktop\OTL.exe
[2014.02.13 23:49:51 | 000,000,000 | ---D | C] -- C:\Users\Jirik\Desktop\RK_Quarantine
[2014.02.13 12:02:18 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.13 12:01:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.13 12:01:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.13 12:01:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.13 12:01:08 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.13 12:01:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014.02.13 12:01:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014.02.13 12:01:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.13 12:01:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.13 12:01:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.13 12:01:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.13 12:01:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.13 12:01:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.13 12:01:03 | 003,960,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.13 12:01:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014.02.13 12:01:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014.02.12 14:52:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.12 14:52:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.12 14:52:34 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.12 14:52:34 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.12 14:52:34 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.12 14:52:34 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.12 14:52:34 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.12 14:52:33 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.12 14:52:33 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.12 14:52:33 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.12 14:52:33 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.12 14:52:33 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.12 14:52:33 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.12 14:52:33 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.12 14:52:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.12 14:52:32 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.12 14:52:32 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.12 14:52:32 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.12 14:52:32 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.12 14:52:14 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.12 14:52:13 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.09 06:33:32 | 000,000,000 | ---D | C] -- C:\Users\Jirik\AppData\Roaming\Mozilla
[2014.02.07 22:51:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2014.02.07 22:50:48 | 000,000,000 | ---D | C] -- C:\Users\Jirik\AppData\Roaming\Seznam.cz
[2014.02.07 22:50:39 | 000,000,000 | ---D | C] -- C:\Users\Jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
[2014.02.07 22:50:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartTweak
[2014.02.07 22:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XeMu360
[2014.02.07 21:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014.02.07 21:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014.02.07 21:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014.02.07 19:09:23 | 006,671,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.02.07 19:09:23 | 003,490,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.02.07 19:09:23 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014.02.07 19:09:23 | 001,065,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2014.02.07 19:09:23 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.02.07 19:09:23 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2014.02.07 19:09:23 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.02.07 19:08:21 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.02.07 19:08:21 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.02.07 18:57:54 | 018,310,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.02.07 18:57:54 | 015,877,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.07 18:57:54 | 001,436,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.02.07 18:57:54 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.07 18:57:53 | 030,372,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.07 18:57:53 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.07 18:57:53 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.07 18:57:53 | 018,222,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.07 18:57:53 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.07 18:57:53 | 015,230,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.02.07 18:57:53 | 011,605,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.07 18:57:53 | 011,554,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.07 18:57:53 | 009,700,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.07 18:57:53 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.07 18:57:53 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.07 18:57:53 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.07 18:57:53 | 003,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.02.07 18:57:53 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.07 18:57:53 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.07 18:57:53 | 002,698,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.02.07 18:57:53 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433221.dll
[2014.02.07 18:57:53 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433221.dll
[2014.02.07 18:57:53 | 000,882,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.07 18:57:53 | 000,879,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.07 18:57:53 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.07 18:57:53 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.07 18:57:53 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.07 18:57:53 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.07 18:57:53 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.07 18:57:53 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.07 18:57:53 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2014.02.05 13:35:45 | 000,000,000 | ---D | C] -- C:\Users\Jirik\Ekahau Site Survey
[2014.02.05 13:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
[2014.02.05 13:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ekahau
[2014.02.02 18:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.02.02 18:54:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.02.02 18:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.02.02 17:25:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.02.02 17:00:20 | 000,000,000 | ---D | C] -- C:\Users\Jirik\AppData\Roaming\AVAST Software
[2014.02.02 17:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.02.02 16:59:35 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.02.02 16:59:33 | 001,038,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.02 16:59:33 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.02.02 16:59:33 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.02.02 16:59:33 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.02 16:59:31 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.02 16:59:29 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.02 16:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.02.02 16:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.02.02 13:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.02 13:56:19 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.02 13:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014.02.02 13:50:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.02 13:50:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.02 13:50:43 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.02 13:50:43 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.02 13:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.02.02 13:48:56 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.02 13:48:50 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.02 13:48:50 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.02 13:48:50 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.02 13:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.02.02 13:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.02.02 13:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014.02.02 13:41:02 | 000,000,000 | ---D | C] -- C:\Users\Jirik\AppData\Local\Secunia PSI
[2014.02.02 13:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2013.04.28 00:34:12 | 000,040,448 | ---- | C] (Ulrich Buchgraber) -- C:\Users\Jirik\Lua4Net.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.02.14 17:45:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.14 17:37:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job
[2014.02.14 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.14 17:00:03 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.14 16:36:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirik\Desktop\OTL.exe
[2014.02.14 13:37:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job
[2014.02.13 23:49:09 | 003,813,376 | ---- | M] () -- C:\Users\Jirik\Desktop\RogueKiller.exe
[2014.02.13 23:14:26 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.13 12:37:03 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.13 12:37:03 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.13 12:14:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.13 12:13:57 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.13 12:03:58 | 001,568,728 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.13 12:03:58 | 000,672,370 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.13 12:03:58 | 000,657,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.13 12:03:58 | 000,142,934 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.13 12:03:58 | 000,123,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.13 12:03:43 | 001,568,728 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.07 23:17:37 | 000,001,220 | ---- | M] () -- C:\Users\Jirik\Desktop\SpeedUpMyComputer.lnk
[2014.02.07 20:53:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.07 20:53:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.07 15:50:51 | 000,141,667 | ---- | M] () -- C:\Users\Jirik\Desktop\lr_28_z_1_.jpg
[2014.02.02 18:54:57 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.02.02 17:24:48 | 001,166,132 | ---- | M] () -- C:\Users\Jirik\Desktop\adwcleaner.exe
[2014.02.02 17:00:15 | 000,001,970 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.02 16:59:29 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.02 16:59:29 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.02.02 16:59:29 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.02 16:59:29 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.02.02 16:59:29 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.02.02 16:59:29 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.02.02 16:59:29 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.02 16:59:29 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.02.02 16:59:29 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.02 13:50:38 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.02.02 13:50:35 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.02.02 13:50:35 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.02.02 13:50:34 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.02.02 13:48:46 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.02 13:48:44 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.02 13:48:43 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.02 13:48:43 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.02 13:40:57 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014.02.01 10:20:10 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.01 10:18:47 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.01 10:18:42 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.01 10:18:25 | 003,960,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.01 10:18:25 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014.02.01 10:18:21 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.01 10:18:21 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014.02.01 10:18:21 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.01 10:18:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.01 08:57:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.01 08:57:20 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014.02.01 08:57:16 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.01 08:57:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014.02.01 08:57:16 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.01 08:57:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.01 08:21:56 | 1311,866,724 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.02.01 01:52:06 | 000,007,597 | ---- | M] () -- C:\Users\Jirik\AppData\Local\Resmon.ResmonCfg
[2014.01.19 18:39:48 | 000,065,206 | ---- | M] () -- C:\Users\Jirik\Desktop\3679aaaae5c8976dd9f8768ce0a645d2b0495301dcf146f529160673066892aa.jpg
[2014.01.18 03:06:00 | 000,753,220 | ---- | M] () -- C:\Users\Jirik\Desktop\0912dp_01+3_0l_v6_diesel_engine+side_angle.jpg
[2014.01.18 03:02:49 | 000,163,802 | ---- | M] () -- C:\Users\Jirik\Desktop\2011-Super-Duty-diesel-engine1-1024x910.jpg
[2014.01.17 17:57:44 | 000,820,474 | ---- | M] () -- C:\Users\Jirik\Desktop\DSC_0199.jpg
[2014.01.17 17:57:34 | 000,817,246 | ---- | M] () -- C:\Users\Jirik\Desktop\DSC_0198.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.14 16:41:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.13 23:49:07 | 003,813,376 | ---- | C] () -- C:\Users\Jirik\Desktop\RogueKiller.exe
[2014.02.07 23:17:37 | 000,001,220 | ---- | C] () -- C:\Users\Jirik\Desktop\SpeedUpMyComputer.lnk
[2014.02.07 19:09:23 | 003,539,040 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014.02.07 18:57:53 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014.02.07 15:50:50 | 000,141,667 | ---- | C] () -- C:\Users\Jirik\Desktop\lr_28_z_1_.jpg
[2014.02.02 18:54:57 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.02.02 17:24:46 | 001,166,132 | ---- | C] () -- C:\Users\Jirik\Desktop\adwcleaner.exe
[2014.02.02 17:00:15 | 000,001,970 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.02 16:59:33 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.02.02 16:59:33 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.02.02 13:45:41 | 000,001,595 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2014.02.02 13:40:57 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014.02.02 13:40:57 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2014.02.01 08:21:56 | 1311,866,724 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014.01.19 18:39:48 | 000,065,206 | ---- | C] () -- C:\Users\Jirik\Desktop\3679aaaae5c8976dd9f8768ce0a645d2b0495301dcf146f529160673066892aa.jpg
[2014.01.18 03:06:00 | 000,753,220 | ---- | C] () -- C:\Users\Jirik\Desktop\0912dp_01+3_0l_v6_diesel_engine+side_angle.jpg
[2014.01.18 03:02:49 | 000,163,802 | ---- | C] () -- C:\Users\Jirik\Desktop\2011-Super-Duty-diesel-engine1-1024x910.jpg
[2014.01.17 18:02:05 | 000,820,474 | ---- | C] () -- C:\Users\Jirik\Desktop\DSC_0199.jpg
[2014.01.17 18:02:05 | 000,817,246 | ---- | C] () -- C:\Users\Jirik\Desktop\DSC_0198.jpg
[2013.12.28 22:39:27 | 000,007,597 | ---- | C] () -- C:\Users\Jirik\AppData\Local\Resmon.ResmonCfg
[2013.12.28 22:23:41 | 918,552,576 | ---- | C] () -- C:\Users\Jirik\ubuntu-gnome-13.10-desktop-i386.iso
[2013.12.03 18:22:53 | 000,000,178 | ---- | C] () -- C:\Users\Jirik\dialogysClip.prf
[2013.12.03 18:22:53 | 000,000,069 | ---- | C] () -- C:\Program Files (x86)\dialogysclip.bat
[2013.12.03 18:22:48 | 000,000,616 | ---- | C] () -- C:\Users\Jirik\dialogysMPFuser.prf
[2013.12.03 18:22:31 | 000,000,126 | ---- | C] () -- C:\Users\Jirik\dialogysInstall.prf
[2013.12.03 18:22:02 | 000,176,055 | ---- | C] () -- C:\Program Files (x86)\UninstScript.EXE
[2013.12.03 18:22:02 | 000,001,809 | ---- | C] () -- C:\Program Files (x86)\DialogysUninstWPS.bat
[2013.09.11 15:57:53 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.11 15:57:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.29 11:41:15 | 000,043,066 | ---- | C] () -- C:\Users\Jirik\energy-report.html
[2013.04.28 00:34:12 | 000,619,008 | ---- | C] () -- C:\Users\Jirik\ScriptHookDotNet.asi
[2013.04.28 00:34:12 | 000,336,384 | ---- | C] () -- C:\Users\Jirik\ScriptHook.dll
[2013.04.28 00:34:12 | 000,200,319 | ---- | C] () -- C:\Users\Jirik\liblua51.dll
[2013.04.28 00:34:12 | 000,190,464 | ---- | C] () -- C:\Users\Jirik\AdvancedHook.dll
[2013.04.28 00:34:12 | 000,091,648 | ---- | C] () -- C:\Users\Jirik\dsound.dll
[2013.04.25 13:29:10 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\pi_rec.dat2
[2013.01.10 04:13:53 | 000,020,448 | ---- | C] () -- C:\Users\Jirik\AppData\Roaming\UserTile.png
[2012.12.21 10:25:04 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.12.05 18:11:55 | 000,001,241 | ---- | C] () -- C:\Users\Jirik\AppData\Local\recently-used.xbel
[2012.11.02 01:18:00 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.10.15 13:10:00 | 001,568,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.02 23:04:05 | 000,594,396 | ---- | C] () -- C:\ProgramData\svcnet2.inc
[2012.10.02 23:03:33 | 000,000,012 | ---- | C] () -- C:\ProgramData\svcnet2.cfg
[2012.09.20 00:26:36 | 000,001,096 | ---- | C] () -- C:\Users\Jirik\AppData\Local\SRDownloader.nast
[2012.09.11 06:27:30 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini

[Juric]

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.30 16:36:49 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\AC3Filter
[2013.08.05 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Autodesk
[2014.02.02 17:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\AVAST Software
[2014.01.08 20:59:25 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Bitcoin
[2013.04.24 13:40:43 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\BitTorrent
[2014.01.13 15:01:42 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\DAEMON Tools Lite
[2012.09.09 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\ESET
[2012.12.21 04:50:51 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\GHISLER
[2012.09.11 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Leadertech
[2013.02.27 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\LolClient
[2013.03.25 10:05:42 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Milestone
[2013.09.18 14:59:56 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Mirillis
[2012.10.26 20:33:40 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Need for Speed World
[2013.04.28 20:18:23 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\New Technology Studio
[2013.12.26 20:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\openvr
[2013.04.20 13:15:02 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Opera
[2013.09.11 02:54:09 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Origin
[2013.01.10 04:13:53 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\PeerNetworking
[2012.09.09 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Screensaver
[2014.02.13 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Seznam.cz
[2013.07.18 11:02:57 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\SketchUp
[2013.01.26 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\TuneUp Software
[2012.09.11 21:17:18 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Ubisoft
[2014.02.14 17:51:29 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\uTorrent
[2013.01.12 17:37:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Wargaming.net
[2012.12.06 23:15:03 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Wireshark
[2012.12.04 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.09 09:24:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.24 17:55:56 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.24 17:55:57 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.11.30 20:52:35 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job
[2012.11.30 20:52:35 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\*.tmp -> ]
[14 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.30 16:36:49 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\AC3Filter
[2012.09.09 12:34:57 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Adobe
[2013.12.08 01:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Ahead
[2012.09.15 20:06:37 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Atheros
[2013.08.05 21:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Autodesk
[2014.02.02 17:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\AVAST Software
[2014.01.08 20:59:25 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Bitcoin
[2013.04.24 13:40:43 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\BitTorrent
[2012.09.09 23:00:52 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\CyberLink
[2014.01.13 15:01:42 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\DAEMON Tools Lite
[2014.02.07 22:40:47 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\dvdcss
[2012.09.09 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\ESET
[2012.12.21 04:50:51 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\GHISLER
[2013.09.18 18:51:20 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\GRETECH
[2013.01.16 03:22:35 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Hamachi
[2012.09.09 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Identities
[2012.09.11 20:58:18 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\InstallShield
[2012.09.11 00:27:31 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Intel Corporation
[2012.09.11 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Leadertech
[2013.02.27 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\LolClient
[2011.10.14 04:54:56 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Macromedia
[2013.09.08 08:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Malwarebytes
[2010.11.21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Media Center Programs
[2013.09.18 15:14:47 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Media Player Classic
[2014.01.30 00:27:56 | 000,000,000 | --SD | M] -- C:\Users\Jirik\AppData\Roaming\Microsoft
[2013.03.25 10:05:42 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Milestone
[2013.09.18 14:59:56 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Mirillis
[2014.02.09 06:33:32 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Mozilla
[2012.10.26 20:33:40 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Need for Speed World
[2013.04.28 20:18:23 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\New Technology Studio
[2013.12.26 20:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\openvr
[2013.04.20 13:15:02 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Opera
[2013.09.11 02:54:09 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Origin
[2013.01.10 04:13:53 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\PeerNetworking
[2012.09.09 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Screensaver
[2012.12.17 16:51:20 | 000,000,000 | RH-D | M] -- C:\Users\Jirik\AppData\Roaming\SecuROM
[2014.02.13 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Seznam.cz
[2013.07.18 11:02:57 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\SketchUp
[2013.06.28 02:03:12 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Skype
[2013.01.26 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\TuneUp Software
[2012.09.11 21:17:18 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Ubisoft
[2014.02.14 17:54:04 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\uTorrent
[2014.02.13 07:59:22 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\vlc
[2013.01.12 17:37:41 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Wargaming.net
[2013.08.06 17:29:22 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Winamp
[2013.02.09 17:13:14 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\WinRAR
[2012.12.06 23:15:03 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Wireshark
[2012.12.04 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\Xilisoft

< %APPDATA%\*.exe /s >
[2011.10.14 04:54:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jirik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_1E02B3D8732010A792DC8B.exe
[2013.09.18 14:59:43 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_21F3885A18D238E15AAE81.exe
[2013.09.18 14:59:44 | 000,009,662 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_246B7FAFA01C01007FB902.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_415493353D745EEA216D94.exe
[2013.09.18 14:59:43 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_6FEFF9B68218417F98F549.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_806048DC66200FE6D24FF3.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_85972F4A73DF7EADFBAFC2.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_934312A2105DE40686D86A.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A753214149FB4F8721C1CB.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A7A1F24988209FFD6FF84A.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_C7EFEC170C2E3BE8B9D183.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CD4379F87D44764E06955C.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CF15DB293FB3ABD44856FB.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D4C7A5EF0F1F16C57632A3.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D707CE1C009F1381803C2C.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D85B0F2A1AA7F32C8CDCDF.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_FD8B6BA922FF5C34868F02.exe
[2013.02.19 20:51:19 | 000,119,808 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Jirik\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
[2013.04.23 12:33:10 | 000,982,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jirik\AppData\Roaming\uTorrent\uTorrent.exe
[2013.04.23 12:32:26 | 000,982,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jirik\AppData\Roaming\uTorrent\updates\3.3.1_29579.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.02.14 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.02.13 23:14:26 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.14 17:00:03 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.02.14 13:37:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job
[2014.02.14 17:37:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.13 12:16:41 | 000,000,000 | ---- | M] () -- C:\Windows\system32\log.txt
[2014.02.13 12:03:58 | 001,568,728 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< *crack* /s >
[2013.09.10 21:20:37 | 000,000,722 | ---- | M] () -- \Mortal\CRACK.COM
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2012.12.27 19:55:31 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\data\Decision\Craig\crack1.ped
[2010.07.04 19:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 19:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 19:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 19:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 19:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 19:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 19:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 19:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 19:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 19:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 19:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 19:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 19:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 19:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 19:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 19:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 19:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 19:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 19:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 19:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 19:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 19:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 19:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 19:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 20:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 20:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 20:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 20:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 20:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 22:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.05.13 15:52:47 | 000,500,443 | ---- | M] () -- \Flashtool\custom\apps_saved\MT27\MediaUploader.apk
[2013.01.09 19:49:48 | 000,098,883 | ---- | M] () -- \Flashtool\devices\E10\loader.sin
[2013.01.09 19:49:48 | 000,103,949 | ---- | M] () -- \Flashtool\devices\E10\loader_unlocked.sin
[2013.01.09 19:49:48 | 000,098,883 | ---- | M] () -- \Flashtool\devices\E15\loader.sin
[2013.01.09 19:49:48 | 000,103,949 | ---- | M] () -- \Flashtool\devices\E15\loader_unlocked.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\LT15\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\LT18\loader.sin
[2013.01.09 19:49:50 | 000,100,712 | ---- | M] () -- \Flashtool\devices\LT22\loader.sin
[2013.01.09 19:49:50 | 000,136,600 | ---- | M] () -- \Flashtool\devices\LT26\loader.sin
[2013.01.09 19:49:50 | 000,136,592 | ---- | M] () -- \Flashtool\devices\LT26W\loader.sin
[2013.01.09 19:49:50 | 000,136,600 | ---- | M] () -- \Flashtool\devices\LT28\loader.sin
[2013.01.09 19:49:50 | 000,077,700 | ---- | M] () -- \Flashtool\devices\LT30\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MK16\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MT11\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MT15\loader.sin
[2013.01.09 19:49:50 | 000,100,712 | ---- | M] () -- \Flashtool\devices\MT27\loader.sin
[2013.01.09 19:49:50 | 000,077,700 | ---- | M] () -- \Flashtool\devices\MT28\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\R800\loader.sin
[2013.01.09 19:49:48 | 000,100,525 | ---- | M] () -- \Flashtool\devices\R800\loader_unlocked.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\SK17\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST15\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST17\loader.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST18\loader.sin
[2013.01.09 19:49:50 | 000,106,428 | ---- | M] () -- \Flashtool\devices\ST21\loader.sin
[2013.01.09 19:49:50 | 000,100,712 | ---- | M] () -- \Flashtool\devices\ST25\loader.sin
[2013.01.09 19:49:50 | 000,100,712 | ---- | M] () -- \Flashtool\devices\ST27\loader.sin
[2013.01.09 19:49:48 | 000,098,883 | ---- | M] () -- \Flashtool\devices\U20\loader.sin
[2013.01.09 19:49:48 | 000,103,949 | ---- | M] () -- \Flashtool\devices\U20\loader_unlocked.sin
[2013.01.09 19:49:48 | 000,100,591 | ---- | M] () -- \Flashtool\devices\WT19\loader.sin
[2013.01.09 19:49:50 | 000,087,559 | ---- | M] () -- \Flashtool\devices\X10\loader.sin
[2013.01.09 19:49:50 | 000,087,569 | ---- | M] () -- \Flashtool\devices\X10\loader_unlocked.sin
[2013.12.25 13:43:42 | 000,087,569 | ---- | M] () -- \Flashtool\firmwares\prepared\loader.sin
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.18\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.49\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\GFExperience\ExtensionLoader.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce332.21Driver\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce332.21Driver\GFExperience\ExtensionLoader.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\ExtensionLoader.dll
[2013.11.14 12:58:30 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\GFExperience\ExtensionLoader.dll
[2011.07.05 00:29:56 | 000,124,200 | ---- | M] () -- \Program Files (x86)\Acer\Acer Crystal Eye Webcam\Koan\pyloader.dll
[2008.02.17 23:02:54 | 000,253,691 | ---- | M] () -- \Program Files (x86)\Audiosurf\engine\Preloader.cgr
[2008.02.17 23:02:44 | 000,000,878 | ---- | M] () -- \Program Files (x86)\Audiosurf\engine\Preloader_config.xml
[2008.02.17 23:02:26 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Audiosurf\engine\channels\FileLoader.dll
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.02.05 23:27:16 | 000,000,015 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\Licenses Downloader.bat
[2010.02.05 23:27:16 | 000,000,015 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\TNod User & Password Finder\Licenses Downloader.bat
[2010.06.01 23:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.04.18 09:02:10 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2013.04.19 11:17:46 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Half-Life\cstrike\models\qloader.mdl
[2013.04.19 11:16:24 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Half-Life\valve\models\loader.mdl
[2013.04.19 11:16:35 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2013.04.19 11:16:35 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2012.09.18 23:54:21 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Mafia II\pc\PhysXLoader.dll
[2012.02.06 17:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 20:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 20:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 17:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 20:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 20:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 20:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 20:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 20:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 20:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 20:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 20:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 20:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D7348563-D578-4A1D-8241-F890084E9CC7}\ExtensionLoader.dll
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2010.02.05 23:27:16 | 000,000,015 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\Licenses Downloader.bat
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.09.20 00:33:44 | 000,001,096 | ---- | M] () -- \Users\Jirik\AppData\Local\SRDownloader.nast
[2014.02.07 22:51:01 | 000,031,516 | ---- | M] () -- \Users\Jirik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H2IRL91Y\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2013.05.28 11:49:40 | 000,001,188 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\en_GB\PreloaderWindow.ChangeGameScreen.xml
[2013.05.28 11:49:40 | 000,001,082 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\en_GB\PreloaderWindow.UpdateScreen.xml
[2013.05.28 11:49:40 | 000,002,948 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\en_GB\PreloaderWindow.WelcomeScreen.xml
[2013.05.28 11:49:40 | 000,001,623 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\ru_RU\PreloaderWindow.ChangeGameScreen.xml
[2013.05.28 11:49:40 | 000,001,377 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\ru_RU\PreloaderWindow.UpdateScreen.xml
[2013.05.28 11:49:40 | 000,004,511 | ---- | M] () -- \Users\Jirik\AppData\Local\New Technology Studio\Apps\OpenIV\Resources\Languages\ru_RU\PreloaderWindow.WelcomeScreen.xml
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \Users\Jirik\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\10.11.15.0\GFExperience\ExtensionLoader.dll
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Jirik\AppData\Roaming\Seznam.cz\bin\12754libfoxloader-x64.dll
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Jirik\AppData\Roaming\Seznam.cz\bin\12754libfoxloader.dll
[2014.02.07 22:51:08 | 000,000,165 | ---- | M] () -- \Users\Jirik\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Jirik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Jirik\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.03.28 22:05:05 | 000,000,843 | ---- | M] () -- \Users\Jirik\Desktop\BORDEL\CF_DOWNLOADER.lnk
[2010.08.31 17:21:08 | 005,148,105 | ---- | M] () -- \Users\Jirik\Documents\majda\208-freeloaders_the_real_thing-so_much_love_to_give.mp3
[2012.09.10 20:33:31 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.01.29 03:11:28 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2014.01.29 03:11:28 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.03 04:35:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.02.03 04:35:46 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.02.03 04:35:46 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.02.03 04:35:46 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.02.03 04:35:46 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.14 06:25:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.14 06:25:44 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.14 06:25:44 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.14 06:25:44 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.14 06:25:44 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.02.03 04:31:34 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.07.14 06:25:40 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.14 06:25:40 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >
[2012.03.19 16:37:10 | 000,061,015 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 001.png
[2012.03.19 16:37:10 | 000,049,589 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 002.png
[2012.03.19 16:37:10 | 000,053,443 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 003.png
[2012.03.19 16:37:10 | 000,042,735 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 004.png
[2012.03.19 16:37:10 | 000,058,826 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 005.png
[2012.03.19 15:27:23 | 000,476,320 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin\MiNODLogin 006.png

< *tnod* /s >
[2011.09.13 04:01:52 | 000,000,750 | ---- | M] () -- \OEM\Preload\Autorun\APP\clear.fi v1.0\PCinema\Config\CopyRightNoDTS.ini
[2008.02.17 23:02:32 | 000,026,624 | ---- | M] () -- \Program Files (x86)\Audiosurf\engine\channels\XML_SetRootNode.dll
[2012.06.14 22:45:06 | 000,059,915 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 001.png
[2012.06.14 22:45:46 | 000,046,164 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 002.png
[2012.06.14 22:49:00 | 000,044,938 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 003.png
[2012.06.14 22:49:10 | 000,042,704 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 004.png
[2012.06.14 22:46:00 | 000,059,547 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 005.png
[2012.03.19 15:26:44 | 000,217,810 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 008.png
[2011.06.27 17:46:19 | 000,087,803 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 009.jpg
[2010.04.02 00:08:00 | 000,097,792 | ---- | M] () -- \Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\tnodicons.icl
[2012.06.14 22:45:06 | 000,059,915 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 001.png
[2012.06.14 22:45:46 | 000,046,164 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 002.png
[2012.06.14 22:49:00 | 000,044,938 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 003.png
[2012.06.14 22:49:10 | 000,042,704 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 004.png
[2012.06.14 22:46:00 | 000,059,547 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 005.png
[2012.03.19 15:26:44 | 000,217,810 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 008.png
[2011.06.27 17:46:19 | 000,087,803 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 009.jpg
[2010.04.02 00:08:00 | 000,097,792 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\tnodicons.icl

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.01.30 01:00:00 | 000,046,905 | ---- | M] () -- \Program Files (x86)\Bitcoin\src\serialize.h
[2011.01.30 01:00:00 | 000,001,033 | ---- | M] () -- \Program Files (x86)\Bitcoin\src\test\serialize_tests.cpp
[2011.11.13 20:55:50 | 000,004,232 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v3\serialinfo.c32
[2011.11.13 20:55:56 | 000,004,624 | ---- | M] () -- \Program Files (x86)\LinuxLive USB Creator\tools\syslinux-modules\v4\serialinfo.c32
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.09 11:14:44 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.02.03 04:35:12 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.04.18 09:00:08 | 000,049,216 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\plugins\com.serialio_2.13.5.201304180917.jar
[2013.04.18 09:00:14 | 000,006,001 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\plugins\com.sonymobile.cs.serialcommunication_2.13.5.201304180917.jar
[2013.12.26 08:45:05 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\dmserializers.dll
[2012.09.28 02:13:39 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\rufgas\source sdk base 2007\bin\dmserializers.dll
[2010.04.15 02:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.15 02:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.15 02:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2013.09.13 01:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.09 11:15:31 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.02.03 04:35:12 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.10.15 21:03:30 | 000,000,544 | ---- | M] () -- \Users\Jirik\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2013.10.15 21:03:30 | 000,000,145 | ---- | M] () -- \Users\Jirik\AppData\Local\Opera\Opera\icons\www.sledujuserialy.cz.idx
[2012.02.03 04:34:58 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 12:17:37 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 19:02:33 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 21:44:42 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2014.02.13 12:23:58 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.13 12:20:48 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 12:29:34 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.02.13 12:07:01 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 12:07:01 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 12:07:24 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.13 12:07:24 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.13 12:28:19 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.13 12:28:19 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.02.13 12:35:36 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 12:35:36 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 12:37:15 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.02.13 12:37:15 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.02.13 12:39:57 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.13 12:39:57 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.02.03 04:35:00 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.02.03 04:34:55 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012.02.03 04:34:46 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012.02.03 04:34:46 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012.02.03 04:34:55 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.02.03 04:35:00 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2012.02.03 04:35:12 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2012.02.03 04:35:02 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.07.14 06:25:44 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.14 06:25:44 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.02.03 04:35:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.02.03 04:35:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.07.14 06:25:40 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.14 06:25:40 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2012.02.03 04:33:29 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2012.02.03 04:34:58 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2012.02.03 04:35:12 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2012.02.03 04:35:00 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.02.03 04:34:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2012.02.03 04:35:12 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 12 bytes -> C:\Users\Jirik\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

< End of report >

[Juric]

OTL Extras logfile created on: 14.2.2014 17:43:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,86 Gb Total Physical Memory | 4,54 Gb Available Physical Memory | 57,85% Memory free
15,71 Gb Paging File | 12,35 Gb Available in Paging File | 78,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,54 Gb Total Space | 85,51 Gb Free Space | 12,57% Space Free | Partition Type: NTFS

Computer Name: JIRIK-PC | User Name: Jirik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E91860-88B3-4A5C-9DF5-4FAC97E14746}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{08402E23-BFFF-4B6A-933C-6D90AF94076E}" = rport=138 | protocol=17 | dir=out | app=system |
"{13ECF8BF-50CB-40F9-BE00-CBDFD9103073}" = lport=138 | protocol=17 | dir=in | app=system |
"{1C0DB377-458F-4896-9F73-7697D7B56BD9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2098B8C9-170F-456E-8FA1-573EBA67DFC1}" = rport=139 | protocol=6 | dir=out | app=system |
"{2A239E66-1788-4FE7-808F-AA7DF22D1112}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2EABA496-8190-4649-AC71-24FB2F57A88A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31E21590-41BA-4704-B7DB-AC56716586DF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3831DF49-A389-48ED-91C5-00759B57B203}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{385C0341-1874-4A86-B008-24D9BC47EFD1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{387FC674-8F6F-48F0-BE84-C5E20B4D7B2C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D0AD0C0-4531-4120-A71E-21A1B444EF64}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{4BF415EF-456A-480B-A73A-E0A3F1765748}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5693C66D-8BB2-46ED-B808-98B8DC2B60F1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5A5AE369-7AC3-444D-955E-E882A7C5AAD9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5C2A049D-1BD5-4D71-99BE-33AC6751C5D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{616A3650-E4F5-403B-B635-0251E3B3B48E}" = rport=137 | protocol=17 | dir=out | app=system |
"{6D3A7CD6-9833-4C41-B380-4A13EA2861CA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6DF198C9-4985-4E77-8C54-64CA31273AF8}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{743B1E4B-4FBB-4A4C-B6CA-9995FB977F32}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75CD1AE2-B026-4907-8991-832C44243DA0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{78313854-16B8-4B99-81DD-C90F63CECF6F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{80ABC930-1C4F-4A3E-B4D3-0AB7A8B78F03}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89D42D34-D9B0-462F-BA82-A1A937D6F3BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8C6DCDF1-A023-4A70-9B68-A97FA4C89A71}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{91EDD327-D06B-45FE-B3CE-F50AE9F0DD4D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{92387128-269F-4CA3-AB02-12CD2F6F8D36}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9750E6BD-6365-4F23-878C-76946A4FC7D9}" = lport=445 | protocol=6 | dir=in | app=system |
"{9A897406-C7D7-4615-9854-73243580C038}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9A9C8337-712D-4AA8-B86D-2F68036EC65D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1E074D7-7B55-4B2E-B834-CFA29CEA9A52}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ABD549E5-1BEE-40A7-9047-FB1238E547F2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B69DE41A-093D-49AE-8E77-CFD181A6572F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7AA06F6-5219-41EB-832F-828C4112711B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B8CDFDC7-42EF-4F22-80D8-DBEF0E755A42}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BDD61BFD-F3A3-4527-9A12-CA4E75F68D9D}" = rport=445 | protocol=6 | dir=out | app=system |
"{BFDC6FE1-51C6-4316-85AA-AF818651D8A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D3007034-4910-47B8-87BA-0C41113D4517}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D6A48A76-E384-4274-BDBA-339909926057}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D6FF975D-682A-4C08-8699-46080834E355}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D73F86F5-98F9-44E5-945F-5F7A51E70299}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC46201E-D099-42D2-BBB1-21BFACB6BF71}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EA91964B-80E1-49AC-91DA-D2266FF9BD2B}" = lport=137 | protocol=17 | dir=in | app=system |
"{EBD33000-E78C-4E9B-AE54-F02AAB8BC61F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F3083EC6-9A18-483D-8A45-12DE31D0D89F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F39A6CD9-1650-4151-B290-4B213425494B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F700B1D1-D008-436E-8F1B-4D06DF456487}" = lport=139 | protocol=6 | dir=in | app=system |
"{FED2ACBD-79CB-439A-BE21-C33DFA3974CE}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0238B365-25A0-45FE-83CF-AC550EBF71DD}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{032F0348-3440-4073-9C14-6C0C26C4DB14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{07716E81-16AE-4A26-89EC-0E3F80FA8F84}" = protocol=6 | dir=in | app=c:\users\jirik\downloads\crossfire_downloader.exe |
"{097F0E59-74FE-48F6-95BE-2EBA788A54CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0A03E6B8-0E34-4C38-91D7-2BFCBBFC7017}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0EF45BDC-63A7-41AE-B1EB-F02B72F8C74D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1509461B-0EBC-4043-B4A8-4DF1A0E50C80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{16AEDD82-859C-49AF-816A-F325166735C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16E26907-7E35-45D0-A78A-8215E0D26130}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1BFA2BF5-784A-4D99-875B-529442E0A426}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{20F7D474-15CC-4C9B-975C-4095F8E8BD99}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{213113BE-88F0-4CF2-8318-90A37B573210}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\rufgas\source sdk base 2007\hl2.exe |
"{2148FB97-1234-4F09-9C51-6FF2F2467046}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{23540EDD-FDB6-4393-B92F-68166800940C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{267D074D-509F-4A5C-BAAC-1FFF8153CE77}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{276D9C18-6833-40B8-82AF-FA99E04DEC1B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{333BC1CC-CD91-4A05-906A-189DC192257E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3550D8AA-8810-4A7C-AF7D-3D53492642A4}" = protocol=17 | dir=out | name=udp odchozí |
"{35FCCE3B-AB84-4533-921D-5EB358EC886D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{362A9FE0-43E3-49A2-AD37-6CAF258B26B4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{3916CD8E-A115-4373-8634-6BD9C097D47A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3B266814-9496-4271-A0B3-30DF326A4E6D}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{3BA6350F-310B-4139-B0E7-7E65FD40FFC9}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3CF9BBF8-FBDC-4156-9CEE-8298EC3048CF}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{40B9473E-03D3-40F4-A2FB-BB6F23FA2DAA}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{414F2AE7-F5C6-4B5A-B480-710E1D0B1295}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{42A2276A-A178-427C-A686-7A1124EE3A04}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{45F5B599-F618-41F6-9F29-F01C7490260C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C22AACC-7B80-4803-AC41-72A91BDF281F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C49883A-158C-4206-B698-52C8DB151EDB}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4E8216F5-A4F8-48A5-BBEF-AA28694F0098}" = protocol=6 | dir=in | app=c:\users\jirik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{5009EB26-8590-46D4-898C-5A27C3832940}" = protocol=6 | dir=out | app=system |
"{5359C34A-224F-4E79-A390-410C44742595}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{58A2440D-372A-4C2A-8FBD-860EA4602EF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{5964D48D-D642-4E1D-8492-3F399F567EC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{5BE3F2C8-70B7-4218-96EF-80976021AAA3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\rufgas\source sdk base 2007\hl2.exe |
"{5D02E779-1F54-4DE7-A45A-E697AB81550C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5DCAB1D1-1CAF-4EAD-AD8E-089D6EE30840}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{5DEE29E0-712F-4A8D-A173-74B2E6673DA0}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{624C9743-53C7-4BC5-ABA0-4FF155A8E434}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63DCED58-81ED-48D2-B10C-30A4C0BA3FF4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{660B551C-5B55-4417-ADA5-FB670E0987DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69D57361-C3E1-4F2A-B03D-CB9B36BB3E60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6CC8EAEB-DFC4-48B3-BE06-4AE9F284E4A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6DDFC178-2482-40B2-8B1F-DB624B83392E}" = protocol=17 | dir=in | app=c:\users\jirik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{70FF4984-D387-4765-828E-9A64F96DC886}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{738AA6BF-6875-43A4-A42A-FFD2C257692D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74E143F7-ECD5-41D9-8A66-690DAD75DD26}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{75FFA963-16B9-485B-8390-B07FBA14E0DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7B8F1000-DEFA-4ED9-B4AB-8A6140978F59}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C6A5326-E576-48BA-95A3-09672F0E37A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{7FAFE466-BE33-49B1-8905-B1E8CC46E336}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8A445247-D324-4772-808B-F09AC204BE71}" = protocol=17 | dir=in | app=c:\users\jirik\downloads\crossfire_downloader.exe |
"{8E070246-19A9-45C5-884F-DD613B72583E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{98C475E4-3740-4E00-81DC-D709D15631CB}" = protocol=6 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"{9E073882-FA75-4B02-888D-81C1279FF9BE}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe |
"{9E0E9C74-175E-47BF-9B63-07FCB3583A2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A0076D7F-DEEC-454E-99F7-0A56C8702E0A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A046B90C-040B-4BE4-9737-FE8C8FEBB487}" = protocol=17 | dir=in | app=c:\program files (x86)\empire interactive\flatout ultimate carnage\fouc.exe |
"{A9DCAFFF-C752-4967-A6C8-E118D64E596B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B8122E73-0C62-4E30-825F-E0A9CD8E4CED}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe |
"{B91312FB-576B-4E2A-8FAB-A7ADD46B6E82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{B9C3DBFE-AA95-4CCA-B16B-6888B252B4C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BAA75782-29C9-4233-B56F-1A9D6D620949}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BE062CE6-3A36-4599-BB1F-2DFC49A639DC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BE21D89D-2248-4F8D-AF32-9BDBCE2B8299}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{BFAEA912-CCA2-46BD-AE2C-98CF30195AB8}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{C407B10B-9E15-43CD-9CCA-0A77FEFF35EA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{CCFF01DA-203D-4230-A2A7-88F99D071F53}" = protocol=17 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"{CD368FDF-E98E-465A-ADA3-39D2DD18D9AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CEE56D03-CEDB-4DFC-88D3-20FAB97C8F79}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D5D107E3-B058-4AC5-BC7F-2E93AEFC3450}" = protocol=6 | dir=out | name=tcp odchozí |
"{DD984DBD-41E5-494A-98E5-F43E96003B55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DDB5D306-A0AF-4A6C-ADE0-CC7CA044A840}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DDC14E27-55D1-4BBB-BB31-412FDC95A960}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{DE95CA4D-BCB8-4E06-A316-C4605710831C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DED1523C-666A-4285-806E-0901A0DF641F}" = protocol=6 | dir=in | app=c:\program files (x86)\empire interactive\flatout ultimate carnage\fouc.exe |
"{E12BA446-67EC-4368-B33B-DF4F0F906D3F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E7F31538-4624-4D4C-B523-868A3417ECAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8FFD085-2060-4E89-B116-1B2397D0B6FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E9DD87A9-7B48-4AB5-A4CD-7F1845476ECD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EB8B3CEE-34C9-4848-804E-918F9ABBA0EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"TCP Query User{10095BBF-F9AC-44AC-BD41-9D2021B4FC8E}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{27D48E41-3BFD-48A7-AFB5-46CA39D1520B}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{47BF40F1-40D5-4170-BBCE-911F46A48D82}C:\users\jirik\downloads\bulanci.exe" = protocol=6 | dir=in | app=c:\users\jirik\downloads\bulanci.exe |
"TCP Query User{9078CE3C-113E-4842-8396-3B780896381B}C:\program files (x86)\jesim2\cw5run.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jesim2\cw5run.exe |
"TCP Query User{98ADFC01-87E8-4CF4-A53A-18FA24ABD7A0}C:\users\jirik\downloads\lolek\lol\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\jirik\downloads\lolek\lol\warcraft iii\war3.exe |
"TCP Query User{9E4F3BE5-27EB-4913-AF20-55EE2975A876}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{A1F88930-D4E2-4069-B6C3-95C071C627D8}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"TCP Query User{A437AB30-9966-4D40-82CB-5A5CACD8AB96}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{A548C481-5AEA-49F4-AE10-2A7C7745D8CF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{AB898F5A-CD39-4014-A888-A9AD3D1847E3}C:\program files (x86)\jesim\cw5run.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jesim\cw5run.exe |
"TCP Query User{B2C6DE6C-3AF4-4C0E-B082-290C5C2E909F}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"TCP Query User{D7DC3C87-13AD-415D-90D7-87C6F5B459A7}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{D8B2BE02-7211-4ECA-804C-808CE5E6F2B8}C:\users\jirik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\jirik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{E8615A60-47A5-4942-86C4-D0D04388B0E3}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{33EFC761-6446-45E2-BF95-763B080489C5}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"UDP Query User{3850CDCE-DBB9-4964-8E17-C2632EC62C11}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{394D6EC3-2DCE-49E2-A379-C6D16AE5CDB6}C:\program files (x86)\jesim2\cw5run.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jesim2\cw5run.exe |
"UDP Query User{5AB4E0E7-F2AB-4BF7-9D79-D0EF99103681}C:\users\jirik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\jirik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7261A83F-CF78-4B0F-B45A-52C124F4CB0A}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{92931174-9C1F-4272-AA40-1CD803FE04B7}C:\users\jirik\downloads\lolek\lol\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\jirik\downloads\lolek\lol\warcraft iii\war3.exe |
"UDP Query User{974BD711-52C1-43D4-8439-54E105FC23CC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{9A7D6062-D292-48C2-BBD6-EB2E08333B99}C:\users\jirik\downloads\bulanci.exe" = protocol=17 | dir=in | app=c:\users\jirik\downloads\bulanci.exe |
"UDP Query User{B32C665E-27C7-483C-8103-9890B19CD7F4}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{CF96DC2D-85FD-4900-BF4B-2EEE2095F825}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{E0A20D6A-6275-4B15-8B08-618B9318B521}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{E7F4AFBA-8A0F-48C8-8897-72953E5417DC}C:\program files (x86)\jesim\cw5run.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jesim\cw5run.exe |
"UDP Query User{ED4A7DA9-DFCF-4046-B04C-310E32298C11}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{F10290B1-D21B-4C16-B61A-F947C4C506A4}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F14EB89-8074-4F3A-AF81-ACD4795FF1A3}" = Dialogys DVD0
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{867DE0DC-A93F-41EA-9654-A212514FA946}" = Oracle VM VirtualBox 4.2.4
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B6F96A16-B6F4-435C-B93B-72E0583722BD}" = Dialogys DVD2 +
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Jazykový balíček modulu plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012
"{ECC35C52-78E3-4C27-9A3F-BB3A80DB5AFD}" = Dialogys DVD1
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EED515E3-1B52-43C4-BB21-C8C12F4B3A1B}" = Dialogys CD7
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
"Heatmapper-1.1.4.39795" = Ekahau HeatMapper
"HWiNFO64_is1" = HWiNFO64 Version 4.30
"Modul plug-in Autodesk Inventor Fusion pro aplikaci AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"RealVNC_is1" = VNC Server 5.0.5
"RealVNCViewer_is1" = VNC Viewer 5.0.5
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.8.0
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1" = RaceRoom Racing Experience Launcher
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{52793F88-BF4D-4AA6-8696-80E72CE758B1}" = Adobe Flash Player 12 ActiveX
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}" = Splash Lite
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A0A7B4-8D4B-45E7-980C-F4AB60368283}" = Staničář 2.2.2.2
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{934168C8-55AC-4593-A138-E64BA8367E6E}" = Adobe Flash Player 12 Plugin
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B435433C-110A-4853-843A-7BD1EE59624E}_is1" = PlayerLiteHJ 1.0.5.0.LHJ
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.181
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"AC3Filter_is1" = AC3Filter 2.5b
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"aTube Catcher" = aTube Catcher
"Avast" = avast! Free Antivirus
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-08-01
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"Flashtool" = Flashtool
"GOM Player" = GOM Player
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"JeSim2006_is1" = JeSim 1.2
"Landi 2003 - jazykový kurz" = Landi 2003 - jazykový kurz
"LinuxLive USB Creator" = LinuxLive USB Creator
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"OpenTTD" = OpenTTD 1.3.0
"Opera 12.15.1748" = Opera 12.15
"Origin" = Origin
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.1.2
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.12 (64-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bitcoin" = Bitcoin
"Google Chrome" = Google Chrome
"SeznamInstall" = Seznam Software
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.2.2014 18:42:01 | Computer Name = Jirik-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 10.2.2014 18:42:01 | Computer Name = Jirik-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 10.2.2014 20:18:15 | Computer Name = Jirik-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11.2.2014 22:51:24 | Computer Name = Jirik-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 12.2.2014 21:34:40 | Computer Name = Jirik-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 13.2.2014 7:14:22 | Computer Name = Jirik-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 13.2.2014 7:14:22 | Computer Name = Jirik-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 13.2.2014 7:14:22 | Computer Name = Jirik-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 13.2.2014 7:14:24 | Computer Name = Jirik-PC | Source = WinMgmt | ID = 10
Description =

Error - 13.2.2014 22:36:59 | Computer Name = Jirik-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ System Events ]
Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 2:44:26 | Computer Name = Jirik-PC | Source = Disk | ID = 262159
Description = Zařízení \Device\Harddisk1\DR6 ještě není připraveno pro přístup.

Error - 13.2.2014 7:12:44 | Computer Name = Jirik-PC | Source = DCOM | ID = 10010
Description =

Error - 13.2.2014 7:20:10 | Computer Name = Jirik-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Search přestala během spouštění reagovat.

Error - 13.2.2014 7:22:15 | Computer Name = Jirik-PC | Source = Service Control Manager | ID = 7022
Description = Služba Intel(R) Management and Security Application User Notification
Service přestala během spouštění reagovat.

Error - 14.2.2014 11:51:39 | Computer Name = Jirik-PC | Source = NETLOGON | ID = 3095
Description = Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv
jako člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této konfiguraci.


< End of report >

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
gupdatem
NBService
NMIndexingService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job
C:\Program Files (x86)\ESET

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\..\SearchScopes\{8F51A8E3-9BB4-4C92-A8E2-3960956C8DFC}: "URL" = http://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
IE - HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-129278174-98504208-4226844520-1001..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012.09.09 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Jirik\AppData\Roaming\ESET
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\*.tmp -> ]
[14 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_1E02B3D8732010A792DC8B.exe
[2013.09.18 14:59:43 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_21F3885A18D238E15AAE81.exe
[2013.09.18 14:59:44 | 000,009,662 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_246B7FAFA01C01007FB902.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_415493353D745EEA216D94.exe
[2013.09.18 14:59:43 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_6FEFF9B68218417F98F549.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_806048DC66200FE6D24FF3.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_85972F4A73DF7EADFBAFC2.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_934312A2105DE40686D86A.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A753214149FB4F8721C1CB.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A7A1F24988209FFD6FF84A.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_C7EFEC170C2E3BE8B9D183.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CD4379F87D44764E06955C.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CF15DB293FB3ABD44856FB.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D4C7A5EF0F1F16C57632A3.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D707CE1C009F1381803C2C.exe
[2013.09.18 14:59:44 | 000,087,182 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D85B0F2A1AA7F32C8CDCDF.exe
[2013.09.18 14:59:44 | 000,287,934 | R--- | M] () -- C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_FD8B6BA922FF5C34868F02.exe
[2010.02.05 23:27:16 | 000,000,015 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\Licenses Downloader.bat
[2012.06.14 22:45:06 | 000,059,915 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 001.png
[2012.06.14 22:45:46 | 000,046,164 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 002.png
[2012.06.14 22:49:00 | 000,044,938 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 003.png
[2012.06.14 22:49:10 | 000,042,704 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 004.png
[2012.06.14 22:46:00 | 000,059,547 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 005.png
[2012.03.19 15:26:44 | 000,217,810 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 008.png
[2011.06.27 17:46:19 | 000,087,803 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 009.jpg
[2010.04.02 00:08:00 | 000,097,792 | ---- | M] () -- \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\tnodicons.icl
@Alternate Data Stream - 12 bytes -> C:\Users\Jirik\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"FixMyRegistry"=-
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW7] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Actualizar la licencia de ESET.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"seznam-listicka-distribuce"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[Juric]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: 3) TNODUP 1.4.2.1 Final

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Fotografie

User: Jirik
->Temp folder emptied: 4933405906 bytes
->Temporary Internet Files folder emptied: 293260072 bytes
->Java cache emptied: 1098637 bytes
->Google Chrome cache emptied: 409397872 bytes
->Opera cache emptied: 1918626 bytes
->Flash cache emptied: 59455 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 293721972 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321524 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5 699,00 mb


[EMPTYFLASH]

User: 3) TNODUP 1.4.2.1 Final

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Fotografie

User: Jirik
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129278174-98504208-4226844520-1001UA.job moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\TNod User & Password Finder folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\Bonus (Program na blokování Reklam)\Ad Muncher 4.93 Final\Foto Návod folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\Bonus (Program na blokování Reklam)\Ad Muncher 4.93 Final folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\Bonus (Program na blokování Reklam) folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\3) TNODUP 1.4.2.1 Final folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\Návod na blacklist folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1\FOTO Návod instalace MiNODLogin folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\2) MiNODLogin 3.10.0.1 folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\1c) Foto Návod na blacklist folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\1b) Herní režim atd. (Foto návod) folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\1a) Foto Návod ESET & NOD32 Stadartní působ folder moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Quarantine folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Modules\data folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner\Modules folder moved successfully.
C:\Program Files (x86)\ESET\ESET Online Scanner folder moved successfully.
C:\Program Files (x86)\ESET folder moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-129278174-98504208-4226844520-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8F51A8E3-9BB4-4C92-A8E2-3960956C8DFC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F51A8E3-9BB4-4C92-A8E2-3960956C8DFC}\ not found.
HKU\S-1-5-21-129278174-98504208-4226844520-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-129278174-98504208-4226844520-1001\Software\Microsoft\Windows\CurrentVersion\Run\\FixMyRegistry deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Jirik\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Jirik\AppData\Roaming\ESET folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26B2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB09A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB885.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD854.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF0B7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2895.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C90.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP762D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA8EB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC0DE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEBCD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC82.tmp folder deleted successfully.
C:\Windows\Installer\MSI1389.tmp deleted successfully.
C:\Windows\Installer\MSIC02.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\af2315a5ae55ccc55a336160ee218772\BIT6C10.tmp deleted successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_1E02B3D8732010A792DC8B.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_21F3885A18D238E15AAE81.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_246B7FAFA01C01007FB902.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_415493353D745EEA216D94.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_6FEFF9B68218417F98F549.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_806048DC66200FE6D24FF3.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_85972F4A73DF7EADFBAFC2.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_934312A2105DE40686D86A.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A753214149FB4F8721C1CB.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_A7A1F24988209FFD6FF84A.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_C7EFEC170C2E3BE8B9D183.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CD4379F87D44764E06955C.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_CF15DB293FB3ABD44856FB.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D4C7A5EF0F1F16C57632A3.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D707CE1C009F1381803C2C.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_D85B0F2A1AA7F32C8CDCDF.exe moved successfully.
C:\Users\Jirik\AppData\Roaming\Microsoft\Installer\{58B269E7-5D66-4425-89C8-7EA0FDCD70C2}\_FD8B6BA922FF5C34868F02.exe moved successfully.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\Licenses Downloader.bat scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 001.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 002.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 003.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 004.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 005.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 008.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 009.jpg scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\tnodicons.icl scheduled to be moved on reboot.
Unable to delete ADS C:\Users\Jirik\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3 .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FixMyRegistry not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW7\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Actualizar la licencia de ESET.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 02152014_153452

Files\Folders moved on Reboot...
C:\Users\Jirik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jirik\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\Jirik\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\Licenses Downloader.bat scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 001.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 002.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 003.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 004.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 005.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 008.png scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\Foto Návod TNODUP\TNODUP 009.jpg scheduled to be moved on reboot.
File move failed. \Users\3) TNODUP 1.4.2.1 Final\TNod User & Password Finder\tnodicons.icl scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[Juric]

K tomu TFC - ukáže mi červeným písmem kolik smazal. S PC ale nejde pracovat, procesor jede 100%, ve správci úloh má TFC 0% využití, žádné OK nevyskočilo, jde jen Exit. I tak TFC stále běží ve správci úloh s nulovým využitím procesoru, ten ale jede stále 100% a ostatní procesy jej nevyužívají. Je to přirozený?

[Márty84]

TFC si obcas s pc nesedne, ale neni tak dulezity. Restartujte pc a pokracujte dalsimi kroky.