Kontrola PC

Zpráva

Gladiator91 · #16 Příspěvek od **Gladiator91** » 23 úno 2014 19:48

ComboFix 14-02-23.01 - Jirka . 02. 2014 19:26:48.1.2 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.6099.4653 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jirka\AppData\Local\assembly\tmp
c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
c:\windows\SysWow64\frapsvid.dll
J:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-23 do 2014-02-23 )))))))))))))))))))))))))))))))
.
.
2014-02-23 15:12 . 2014-02-23 16:56 -------- d-----w- C:\AdwCleaner
2014-02-22 15:45 . 2014-02-22 15:45 -------- d-----w- c:\users\Jirka\AppData\Roaming\Malwarebytes
2014-02-22 15:45 . 2014-02-22 15:45 -------- d-----w- c:\programdata\Malwarebytes
2014-02-22 13:08 . 2014-02-22 13:08 -------- d-----w- c:\program files\trend micro
2014-02-22 13:04 . 2014-02-22 13:04 -------- d-----w- C:\rsit
2014-02-22 13:04 . 2014-02-22 13:04 -------- d-----w- c:\program files (x86)\trend micro
2014-02-19 19:47 . 2014-02-19 19:47 255664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-19 15:09 . 2014-02-19 15:09 -------- d-----w- c:\users\Jirka\AppData\Local\Installer
2014-02-19 15:07 . 2014-02-22 17:37 -------- d-----w- c:\program files (x86)\ShopperPro
2014-02-17 15:34 . 2014-02-17 15:34 -------- d-----w- c:\program files (x86)\PlayPickle
2014-02-17 15:34 . 2014-02-17 15:34 -------- d-----w- c:\users\Jirka\.android
2014-02-17 15:34 . 2014-02-17 15:35 -------- d-----w- c:\users\Jirka\AppData\Local\cache
2014-02-12 14:37 . 2013-12-04 23:43 1845248 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 14:37 . 2013-12-04 23:37 1419264 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-12 14:35 . 2013-11-01 05:53 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-12 14:35 . 2013-12-09 00:45 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 14:35 . 2013-12-08 23:59 600064 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 14:33 . 2014-02-01 09:18 2648576 ----a-w- c:\windows\system32\iertutil.dll
2014-02-12 14:33 . 2014-02-01 09:18 3960320 ----a-w- c:\windows\system32\jscript9.dll
2014-02-12 14:33 . 2014-02-01 07:57 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-02-12 14:33 . 2014-02-01 07:57 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-12 14:32 . 2014-01-12 23:30 2238976 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-12 14:32 . 2013-11-20 00:15 3842560 ----a-w- c:\windows\system32\d2d1.dll
2014-02-12 14:32 . 2013-11-19 23:57 3288576 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-02-12 14:32 . 2014-01-12 23:30 2032640 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-10 15:07 . 2014-02-10 15:07 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-02-04 13:56 . 2014-02-04 13:56 46136 ---ha-w- c:\windows\system32\drivers\Hamdrv.sys
2014-02-02 17:45 . 2014-02-02 17:45 -------- d-----w- c:\programdata\Ubisoft
2014-02-02 17:35 . 2014-02-02 17:43 -------- d-----w- c:\program files (x86)\Assassin's Creed Brotherhood
2014-02-01 17:21 . 2014-02-01 17:21 -------- d-----w- c:\programdata\McAfee
2014-02-01 17:19 . 2014-02-01 17:21 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2014-01-24 21:27 . 2014-01-24 21:27 -------- d-----w- c:\users\Jirka\AppData\Roaming\openvr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-30 21:10 . 2013-09-14 07:25 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10 . 2013-09-14 07:25 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 19:07 . 2013-03-04 12:17 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-21 12:48 . 2013-12-21 12:37 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2013-12-10 16:10 . 2013-12-10 16:10 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2013-12-07 06:37 . 2014-01-15 07:24 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-12-07 06:37 . 2014-01-15 07:24 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15 . 2014-01-15 07:24 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-12-07 05:15 . 2014-01-15 07:24 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-06 08:42 . 2013-05-15 19:20 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-06 08:42 . 2013-05-15 19:20 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-06 08:42 . 2013-05-15 19:20 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-06 08:42 . 2013-05-15 19:20 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-06 08:42 . 2013-05-15 19:20 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-06 08:42 . 2013-05-15 19:20 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-06 08:42 . 2013-05-15 19:20 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-06 08:42 . 2013-05-15 19:20 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-06 08:42 . 2013-05-15 19:19 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-06 3568312]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-04 3813712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 MgAssistService;MgAssist Service;c:\program files (x86)\Mobogenie\MgAssist.exe;c:\program files (x86)\Mobogenie\MgAssist.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-22 12:54 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-01 19:51]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-03 12:15]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-03 12:15]
.
2014-02-22 c:\windows\Tasks\HPCeeScheduleForJirka.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-06 08:42 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-01-28 21720]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-seznam-listicka-distribuce - c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
BHO-{11111111-1111-1111-1111-110311281150} - c:\program files (x86)\Object Browser\Object Browser-bho64.dll
BHO-{11111111-1111-1111-1111-110311551110} - c:\program files (x86)\iWebar\iWebar-bho64.dll
BHO-{11111111-1111-1111-1111-110411821192} - c:\program files (x86)\Sense\Sense-bho64.dll
BHO-{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - c:\programdata\ShopperPro\ShopperPro64.dll
WebBrowser-{434D452D-5637-006A-76A7-7A786E7484D7} - (no file)
WebBrowser-{BE8E6C58-482D-4525-B4EC-224EBB8087FF} - (no file)
AddRemove-{FF27F674-821E-4BA2-985B-DDF539C2CD03} - c:\program files (x86)\InstallShield Installation Information\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b5,b7,54,22,a1,9d,30,3d,be,85,45,ae,f5,04,ca,6a,47,cb,17,4e,fe,28,d1,
d8,53,05,71,b8,29,81,49,e5,95,75,90,cf,34,7a,71,50,4b,7e,61,aa,9c,d1,83,87,\
"??"=hex:10,ad,ca,46,49,0a,db,d7,8c,a6,1a,23,cd,b4,bb,1e
.
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:5e,fc,34,f8,aa,5a,53,34,8c,3d,d4,a4,b1,10,b5,7a,de,e3,a1,16,16,
bf,a8,29,a1,20,23,85,2e,5f,8f,02,ae,93,65,fa,36,16,a7,88,ae,f5,b8,ad,99,4c,\
"rkeysecu"=hex:ec,5c,d3,48,cb,47,b7,ec,2b,87,1d,89,29,4e,bf,ff
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2014-02-23 19:45:50
ComboFix-quarantined-files.txt 2014-02-23 18:45
.
Před spuštěním: 290 049 007 616 bytes free
Po spuštění: 289 964 707 840 bytes free
.
- - End Of File - - 455512566305B5EE528253816F4537DF
5FB38429D5D77768867C76DCBDB35194

#17 Příspěvek od **Márty84** » 23 úno 2014 19:53

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleForJirka.job

Folder::
c:\program files (x86)\ShopperPro

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Regnull::
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Gladiator91 · #18 Příspěvek od **Gladiator91** » 23 úno 2014 20:07

ComboFix 14-02-23.01 - Jirka . 02. 2014 19:57:29.2.2 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.6099.4359 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\HPCeeScheduleForJirka.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ShopperPro
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleForJirka.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-23 do 2014-02-23 )))))))))))))))))))))))))))))))
.
.
2014-02-23 19:00 . 2014-02-23 19:00 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2014-02-23 19:00 . 2014-02-23 19:00 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-02-23 19:00 . 2014-02-23 19:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-23 15:12 . 2014-02-23 16:56 -------- d-----w- C:\AdwCleaner
2014-02-22 15:45 . 2014-02-22 15:45 -------- d-----w- c:\users\Jirka\AppData\Roaming\Malwarebytes
2014-02-22 15:45 . 2014-02-22 15:45 -------- d-----w- c:\programdata\Malwarebytes
2014-02-22 13:08 . 2014-02-22 13:08 -------- d-----w- c:\program files\trend micro
2014-02-22 13:04 . 2014-02-22 13:04 -------- d-----w- C:\rsit
2014-02-22 13:04 . 2014-02-22 13:04 -------- d-----w- c:\program files (x86)\trend micro
2014-02-19 19:47 . 2014-02-19 19:47 255664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-19 15:09 . 2014-02-19 15:09 -------- d-----w- c:\users\Jirka\AppData\Local\Installer
2014-02-17 15:34 . 2014-02-17 15:34 -------- d-----w- c:\program files (x86)\PlayPickle
2014-02-17 15:34 . 2014-02-17 15:34 -------- d-----w- c:\users\Jirka\.android
2014-02-17 15:34 . 2014-02-17 15:35 -------- d-----w- c:\users\Jirka\AppData\Local\cache
2014-02-12 14:37 . 2013-12-04 23:43 1845248 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 14:37 . 2013-12-04 23:37 1419264 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-12 14:35 . 2013-11-01 05:53 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-12 14:35 . 2013-12-09 00:45 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 14:35 . 2013-12-08 23:59 600064 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 14:33 . 2014-02-01 09:18 2648576 ----a-w- c:\windows\system32\iertutil.dll
2014-02-12 14:33 . 2014-02-01 09:18 3960320 ----a-w- c:\windows\system32\jscript9.dll
2014-02-12 14:33 . 2014-02-01 07:57 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-02-12 14:33 . 2014-02-01 07:57 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-12 14:32 . 2014-01-12 23:30 2238976 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-12 14:32 . 2013-11-20 00:15 3842560 ----a-w- c:\windows\system32\d2d1.dll
2014-02-12 14:32 . 2013-11-19 23:57 3288576 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-02-12 14:32 . 2014-01-12 23:30 2032640 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-10 15:07 . 2014-02-10 15:07 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-02-04 13:56 . 2014-02-04 13:56 46136 ---ha-w- c:\windows\system32\drivers\Hamdrv.sys
2014-02-02 17:45 . 2014-02-02 17:45 -------- d-----w- c:\programdata\Ubisoft
2014-02-02 17:35 . 2014-02-02 17:43 -------- d-----w- c:\program files (x86)\Assassin's Creed Brotherhood
2014-02-01 17:21 . 2014-02-01 17:21 -------- d-----w- c:\programdata\McAfee
2014-02-01 17:19 . 2014-02-01 17:21 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2014-01-24 21:27 . 2014-01-24 21:27 -------- d-----w- c:\users\Jirka\AppData\Roaming\openvr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-30 21:10 . 2013-09-14 07:25 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10 . 2013-09-14 07:25 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 19:07 . 2013-03-04 12:17 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-21 12:48 . 2013-12-21 12:37 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2013-12-10 16:10 . 2013-12-10 16:10 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2013-12-07 06:37 . 2014-01-15 07:24 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-12-07 06:37 . 2014-01-15 07:24 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15 . 2014-01-15 07:24 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-12-07 05:15 . 2014-01-15 07:24 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-06 08:42 . 2013-05-15 19:20 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-06 08:42 . 2013-05-15 19:20 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-06 08:42 . 2013-05-15 19:20 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-06 08:42 . 2013-05-15 19:20 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-06 08:42 . 2013-05-15 19:20 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-06 08:42 . 2013-05-15 19:20 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-06 08:42 . 2013-05-15 19:20 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-06 08:42 . 2013-05-15 19:20 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-06 08:42 . 2013-05-15 19:19 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-06 3568312]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-04 3813712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]
R2 MgAssistService;MgAssist Service;c:\program files (x86)\Mobogenie\MgAssist.exe;c:\program files (x86)\Mobogenie\MgAssist.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-22 12:54 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
c:\program files (x86)\Object Browser\Object Browser-bho64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}]
c:\program files (x86)\iWebar\iWebar-bho64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
c:\program files (x86)\Sense\Sense-bho64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
c:\programdata\ShopperPro\ShopperPro64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-06 08:42 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{434D452D-5637-006A-76A7-7A786E7484D7} - (no file)
WebBrowser-{BE8E6C58-482D-4525-B4EC-224EBB8087FF} - (no file)
AddRemove-{FF27F674-821E-4BA2-985B-DDF539C2CD03} - c:\program files (x86)\InstallShield Installation Information\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b5,b7,54,22,a1,9d,30,3d,be,85,45,ae,f5,04,ca,6a,47,cb,17,4e,fe,28,d1,
d8,53,05,71,b8,29,81,49,e5,95,75,90,cf,34,7a,71,50,4b,7e,61,aa,9c,d1,83,87,\
"??"=hex:10,ad,ca,46,49,0a,db,d7,8c,a6,1a,23,cd,b4,bb,1e
.
[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:5e,fc,34,f8,aa,5a,53,34,8c,3d,d4,a4,b1,10,b5,7a,de,e3,a1,16,16,
bf,a8,29,a1,20,23,85,2e,5f,8f,02,ae,93,65,fa,36,16,a7,88,ae,f5,b8,ad,99,4c,\
"rkeysecu"=hex:ec,5c,d3,48,cb,47,b7,ec,2b,87,1d,89,29,4e,bf,ff
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-02-23 20:06:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-23 19:06
ComboFix2.txt 2014-02-23 18:45
.
Před spuštěním: 290 015 531 008 bytes free
Po spuštění: 289 945 595 904 bytes free
.
- - End Of File - - BDD547CF4DEEB421F12D72EE5B112B7A
5FB38429D5D77768867C76DCBDB35194

#19 Příspěvek od **Márty84** » 24 úno 2014 04:17

Nevim jak jste to zvladnul, ale v prvnim logu to tam nebylo a v druhem uz je zas to svinstvo zpet

Dejte novy log z RSIT

Gladiator91 · #20 Příspěvek od **Gladiator91** » 24 úno 2014 08:13

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2014-02-24 08:12:18
Microsoft Windows 8
System drive C: has 277 GB (60%) free of 464 GB
Total RAM: 6099 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:12:22, on 24. 2. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9350 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\Explorer.EXE
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
dashost.exe {8c9de639-ac3c-468c-a61ceec6733fd34e}
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
taskeng.exe {D7382841-FE23-49B8-8848-D28BCF3A7B20}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2852.0.871660149\1782053004" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x677b --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.981.0.0 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group15 pct:1f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-pinch --renderer-print-preview --enable-software-compositing --channel="2852.4.1579425913\1271239246" /prefetch:673131151
"C:\Users\Jirka\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe"
taskhostex.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
Object Browser - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}]
iWebar - C:\Program Files (x86)\iWebar\iWebar-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
Sense - C:\Program Files (x86)\Sense\Sense-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-06 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-31 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-06 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-31 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-06 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-06 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-09-19 37888]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-19 1425408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-05 642728]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-02 491120]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-06 3568312]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-04 3813712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-23 20:06:40 ----A---- C:\ComboFix.txt
2014-02-23 20:02:54 ----SHD---- C:\$RECYCLE.BIN
2014-02-23 19:24:43 ----A---- C:\windows\zip.exe
2014-02-23 19:24:43 ----A---- C:\windows\SWXCACLS.exe
2014-02-23 19:24:43 ----A---- C:\windows\SWSC.exe
2014-02-23 19:24:43 ----A---- C:\windows\SWREG.exe
2014-02-23 19:24:43 ----A---- C:\windows\sed.exe
2014-02-23 19:24:43 ----A---- C:\windows\PEV.exe
2014-02-23 19:24:43 ----A---- C:\windows\NIRCMD.exe
2014-02-23 19:24:43 ----A---- C:\windows\MBR.exe
2014-02-23 19:24:43 ----A---- C:\windows\grep.exe
2014-02-23 19:24:33 ----AD---- C:\Qoobox
2014-02-23 19:24:15 ----D---- C:\windows\erdnt
2014-02-23 16:12:54 ----D---- C:\AdwCleaner
2014-02-22 16:45:47 ----D---- C:\Users\Jirka\AppData\Roaming\Malwarebytes
2014-02-22 16:45:29 ----D---- C:\ProgramData\Malwarebytes
2014-02-22 14:08:04 ----D---- C:\Program Files\trend micro
2014-02-22 14:04:51 ----D---- C:\rsit
2014-02-22 14:04:51 ----D---- C:\Program Files (x86)\trend micro
2014-02-17 16:34:37 ----D---- C:\Program Files (x86)\PlayPickle
2014-02-12 15:37:02 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-02-12 15:37:02 ----A---- C:\windows\system32\msxml3.dll
2014-02-12 15:35:38 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-02-12 15:35:10 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-02-12 15:35:10 ----A---- C:\windows\system32\vbscript.dll
2014-02-12 15:34:43 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-02-12 15:34:17 ----A---- C:\windows\system32\msdrm.dll
2014-02-12 15:34:16 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-02-12 15:34:12 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-02-12 15:34:12 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-02-12 15:34:12 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-02-12 15:34:12 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\UXInit.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-02-12 15:34:11 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-02-12 15:34:11 ----A---- C:\windows\system32\UXInit.dll
2014-02-12 15:34:11 ----A---- C:\windows\system32\iernonce.dll
2014-02-12 15:34:11 ----A---- C:\windows\system32\ie4uinit.exe
2014-02-12 15:34:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-02-12 15:34:10 ----A---- C:\windows\system32\uxtheme.dll
2014-02-12 15:34:10 ----A---- C:\windows\system32\urlmon.dll
2014-02-12 15:34:10 ----A---- C:\windows\system32\msrating.dll
2014-02-12 15:34:09 ----A---- C:\windows\system32\iesysprep.dll
2014-02-12 15:34:09 ----A---- C:\windows\system32\iesetup.dll
2014-02-12 15:34:08 ----A---- C:\windows\system32\msfeeds.dll
2014-02-12 15:34:08 ----A---- C:\windows\system32\ieframe.dll
2014-02-12 15:34:06 ----A---- C:\windows\system32\wininet.dll
2014-02-12 15:34:06 ----A---- C:\windows\system32\jscript.dll
2014-02-12 15:34:05 ----A---- C:\windows\system32\jsproxy.dll
2014-02-12 15:34:03 ----A---- C:\windows\system32\mshtml.dll
2014-02-12 15:33:54 ----A---- C:\windows\system32\iertutil.dll
2014-02-12 15:33:53 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-02-12 15:33:53 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-02-12 15:33:53 ----A---- C:\windows\system32\jscript9.dll
2014-02-12 15:33:52 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-02-12 15:33:48 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-02-12 15:32:44 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-02-12 15:32:44 ----A---- C:\windows\system32\d3d10warp.dll
2014-02-12 15:32:44 ----A---- C:\windows\system32\d2d1.dll
2014-02-12 15:32:43 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-02-10 16:07:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-04 14:56:44 ----AH---- C:\windows\system32\drivers\Hamdrv.sys
2014-02-02 18:45:53 ----D---- C:\ProgramData\Ubisoft
2014-02-02 18:35:56 ----D---- C:\Program Files (x86)\Assassin's Creed Brotherhood
2014-02-01 18:21:19 ----D---- C:\ProgramData\McAfee

======List of files/folders modified in the last 1 month======

2014-02-24 08:12:21 ----D---- C:\windows\Prefetch
2014-02-24 08:11:11 ----D---- C:\windows\Temp
2014-02-24 08:08:06 ----D---- C:\windows\system32\sru
2014-02-23 22:04:37 ----D---- C:\ProgramData\PMB Files
2014-02-23 21:16:18 ----D---- C:\Program Files (x86)\Steam
2014-02-23 20:07:41 ----D---- C:\windows\system32\config
2014-02-23 20:06:43 ----D---- C:\windows\system32\Drivers
2014-02-23 20:04:18 ----A---- C:\windows\SYSWOW64\log.txt
2014-02-23 20:02:27 ----D---- C:\windows
2014-02-23 20:02:27 ----A---- C:\windows\system.ini
2014-02-23 20:02:26 ----D---- C:\windows\AUInstallAgent
2014-02-23 20:02:19 ----D---- C:\windows\system32\drivers\etc
2014-02-23 20:02:03 ----D---- C:\windows\SoftwareDistribution
2014-02-23 20:00:15 ----RD---- C:\Program Files (x86)
2014-02-23 20:00:15 ----D---- C:\windows\Tasks
2014-02-23 19:58:56 ----D---- C:\windows\SYSWOW64\drivers
2014-02-23 19:58:56 ----D---- C:\windows\SysWOW64
2014-02-23 19:58:56 ----D---- C:\windows\apppatch
2014-02-23 19:58:55 ----D---- C:\Program Files (x86)\Common Files
2014-02-23 19:25:04 ----SHD---- C:\System Volume Information
2014-02-23 17:56:18 ----D---- C:\ProgramData
2014-02-23 09:22:12 ----D---- C:\windows\Microsoft.NET
2014-02-22 18:38:41 ----D---- C:\Program Files (x86)\Rolimno
2014-02-22 18:37:56 ----D---- C:\windows\system32\Tasks
2014-02-22 18:05:32 ----RD---- C:\windows\System32
2014-02-22 18:05:32 ----D---- C:\windows\Inf
2014-02-22 18:05:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-02-22 14:08:04 ----RD---- C:\Program Files
2014-02-22 13:54:22 ----D---- C:\Program Files (x86)\Google
2014-02-22 09:35:13 ----SHD---- C:\windows\Installer
2014-02-22 08:48:40 ----D---- C:\Program Files (x86)\NortonInstaller
2014-02-20 19:22:54 ----D---- C:\Users\Jirka\AppData\Roaming\Seznam.cz
2014-02-20 19:22:47 ----D---- C:\Program Files (x86)\Seznam.cz
2014-02-20 19:22:30 ----D---- C:\ProgramData\Norton
2014-02-17 16:33:04 ----D---- C:\windows\Resources
2014-02-17 15:34:09 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-17 15:32:28 ----D---- C:\windows\system32\catroot2
2014-02-14 15:24:22 ----RSD---- C:\windows\assembly
2014-02-13 19:37:46 ----D---- C:\windows\rescache
2014-02-13 18:13:12 ----D---- C:\windows\WinSxS
2014-02-13 17:47:41 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-02-13 17:47:41 ----D---- C:\windows\system32\cs-CZ
2014-02-13 17:47:40 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-13 17:47:37 ----D---- C:\Program Files\Internet Explorer
2014-02-13 17:47:34 ----D---- C:\windows\system32\DriverStore
2014-02-12 16:15:38 ----D---- C:\windows\CbsTemp
2014-02-11 14:11:36 ----HD---- C:\Program Files\WindowsApps
2014-02-07 19:19:56 ----D---- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
2014-02-07 19:19:47 ----D---- C:\windows\Logs
2014-02-03 22:05:01 ----D---- C:\windows\system32\catroot
2014-02-02 10:10:39 ----D---- C:\Program Files (x86)\Mumble
2014-01-30 22:10:35 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-01-29 19:48:32 ----D---- C:\Users\Jirka\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\windows\System32\drivers\ACPI.sys [2012-09-20 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2013-12-06 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2013-12-06 205320]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\windows\System32\Drivers\cng.sys [2012-10-11 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\windows\System32\drivers\disk.sys [2013-10-13 100696]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\windows\System32\DRIVERS\fvevol.sys [2013-08-21 465240]
R0 KSecDD;KSecDD; C:\windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]
R0 KSecPkg;KSecPkg; C:\windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\windows\system32\drivers\ndis.sys [2013-06-16 997632]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pcw;Performance Counters for Windows Driver; C:\windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\windows\system32\drivers\pdc.sys [2013-03-02 69864]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\windows\System32\drivers\spaceport.sys [2013-10-05 285016]
R0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\windows\System32\drivers\storahci.sys [2013-03-02 77544]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\windows\System32\drivers\tcpip.sys [2013-11-01 2232664]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\windows\System32\drivers\volsnap.sys [2013-06-01 327936]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\windows\system32\drivers\Wdf01000.sys [2013-06-22 785624]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\windows\system32\DRIVERS\wfplwfs.sys [2013-10-10 96600]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\windows\system32\drivers\afd.sys [2013-09-04 576512]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2013-12-06 92544]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2013-12-06 1032416]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2013-12-06 409832]
R1 BasicDisplay;BasicDisplay; C:\windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2013-03-30 283200]
R1 Msfs;Msfs; C:\windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
R2 aswFsBlk;aswFsBlk; \??\C:\windows\system32\drivers\aswFsBlk.sys [2013-12-06 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-12-06 84328]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 PEAUTH;PEAUTH; C:\windows\system32\drivers\peauth.sys [2013-04-09 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-07-05 10267648]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-07-05 368128]
R3 AtiHDAudioService;@oem8.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW86.sys [2012-07-03 98472]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\windows\System32\drivers\dxgkrnl.sys [2013-09-19 1455448]
R3 fastfat;FAT12/16/32 File System Driver; C:\windows\system32\drivers\fastfat.sys [2012-07-26 210672]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2014-02-04 46136]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\windows\System32\drivers\hidusb.sys [2013-05-04 27648]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\windows\system32\drivers\HTTP.sys [2013-03-15 861184]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-18 62784]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\windows\System32\drivers\monitor.sys [2013-03-01 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\windows\System32\drivers\mouhid.sys [2013-03-02 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\windows\System32\drivers\mpsdrv.sys [2013-10-31 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\windows\system32\DRIVERS\mrxsmb.sys [2013-02-05 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\windows\system32\DRIVERS\mrxsmb20.sys [2013-02-05 215552]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\windows\system32\drivers\NDProxy.sys [2013-04-09 60416]
R3 Ntfs;Ntfs; C:\windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-21 683664]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]
R3 srvnet;srvnet; C:\windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-19 540160]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 TPM;@tpm.inf,%TPM%;TPM; C:\windows\system32\drivers\tpm.sys [2013-08-10 151896]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 UCX01000;USB Controller Extension; C:\windows\System32\drivers\ucx01000.sys [2013-07-02 213336]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\windows\System32\drivers\usbccgp.sys [2013-06-29 120832]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\windows\System32\drivers\usbehci.sys [2013-07-01 79192]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Ovladač standardního rozbočovače USB; C:\windows\System32\drivers\usbhub.sys [2013-07-01 623448]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\windows\System32\drivers\UsbHub3.sys [2013-10-02 447320]
R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\windows\System32\drivers\USBSTOR.SYS [2013-06-06 119040]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\windows\System32\drivers\USBXHCI.SYS [2013-07-02 337752]
R4 cdfs;CD/DVD File System Reader; C:\windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S0 3ware;3ware; C:\windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\windows\System32\drivers\atapi.sys [2012-07-26 25840]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\windows\System32\drivers\bxvbda.sys [2012-09-20 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\windows\System32\drivers\evbda.sys [2012-09-20 3265256]
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pciide;pciide; C:\windows\System32\drivers\pciide.sys [2012-07-26 14064]
S0 pcmcia;pcmcia; C:\windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\windows\System32\drivers\wd.sys [2012-07-26 23792]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\windows\system32\drivers\dam.sys [2013-08-16 58200]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2013-01-09 51712]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\windows\System32\drivers\bthmodem.sys [2013-03-01 66048]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
S3 dmvsc;dmvsc; C:\windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 dot4;@oem14.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem15.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem14.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\windows\system32\drivers\drmkaud.sys [2012-10-11 5632]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\windows\System32\Drivers\msgpioclx.sys [2013-07-09 120144]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2013-06-26 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\windows\System32\drivers\hidbth.sys [2013-04-09 95744]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 hyperkbd;hyperkbd; C:\windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-06-02 10627744]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 Modem;Modem; C:\windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\windows\System32\drivers\parport.sys [2012-07-26 105984]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]
S3 RDPWD;RDP Winstation Driver; C:\windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2013-03-01 156672]
S3 s3cap;s3cap; C:\windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\windows\System32\drivers\sdbus.sys [2013-06-29 195416]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\windows\System32\drivers\sdstor.sys [2012-10-11 56552]
S3 SerCx;Serial UART Support Library; C:\windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\windows\System32\drivers\serenum.sys [2012-07-26 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\windows\System32\drivers\serial.sys [2012-07-26 76800]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\windows\system32\DRIVERS\tcpip.sys [2013-11-01 2232664]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\windows\System32\drivers\umpass.sys [2012-07-26 11776]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\windows\System32\drivers\usbcir.sys [2013-07-05 99328]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\windows\System32\drivers\usbprint.sys [2013-07-01 25600]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2013-07-01 43008]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\drivers\usbuhci.sys [2013-06-29 32256]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\windows\System32\drivers\vhdmp.sys [2013-03-02 495336]
S3 VMBusHID;VMBusHID; C:\windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\windows\System32\drivers\vwifibus.sys [2012-07-26 24064]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\windows\System32\drivers\wacompen.sys [2012-07-26 27008]
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\windows\system32\drivers\WdBoot.sys [2013-07-02 36288]
S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\windows\system32\drivers\WdFilter.sys [2013-07-01 247216]
S3 WIMMount;WIMMount; C:\windows\system32\drivers\wimmount.sys [2012-07-26 33520]
S3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\windows\System32\drivers\wmiacpi.sys [2012-07-26 17408]
S4 udfs;udfs; C:\windows\system32\DRIVERS\udfs.sys [2013-06-26 321536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-07-05 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-06 50344]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DcomLaunch;@combase.dll,-5012; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 EventSystem;@comres.dll,-2450; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 gpsvc;@gpapi.dll,-112; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-04 377616]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcSs;@combase.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\windows\system32\lsass.exe [2012-09-20 35840]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\windows\System32\spoolsv.exe [2012-07-26 769024]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-19 321536]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\windows\servicing\TrustedInstaller.exe [2013-05-15 98304]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-03 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-04 2222416]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-08-15 85504]
S2 HPConnectedRemote;HP Connected Remote Service; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-08-29 35232]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
S2 MgAssistService;MgAssist Service; C:\Program Files (x86)\Mobogenie\MgAssist.exe []
S2 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\windows\System32\svchost.exe [2012-09-20 29696]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\windows\system32\sppsvc.exe [2013-08-16 4917760]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20 257928]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 COMSysApp;@comres.dll,-947; C:\windows\system32\dllhost.exe [2012-07-26 10752]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\windows\System32\lsass.exe [2012-09-20 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-03 116648]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 KeyIso;@keyiso.dll,-100; C:\windows\system32\lsass.exe [2012-09-20 35840]
S3 KtmRm;@comres.dll,-2946; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 MSDTC;@comres.dll,-2797; C:\windows\System32\msdtc.exe [2012-07-26 144384]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\windows\system32\msiexec.exe [2012-07-26 124416]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\windows\system32\lsass.exe [2012-09-20 35840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\windows\System32\snmptrap.exe [2012-07-26 14848]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-18 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\windows\system32\lsass.exe [2012-09-20 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\windows\System32\vds.exe [2013-06-01 680960]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\windows\system32\vssvc.exe [2013-05-04 1483776]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\windows\system32\wbengine.exe [2012-07-26 1616896]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-07-02 16048]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\windows\system32\wbem\WmiApSrv.exe [2012-07-26 198144]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

Tak to fakt nevím, třeba si havěť dělá vlastní backup

budu zde až tak cca kolem 18.hodiny

#21 Příspěvek od **Márty84** » 24 úno 2014 09:29

Jsou to ale jen zbytky, ty smaznem skriptem

Ale nejdrive jeste jeden sken, at to odstranime vsechno.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Gladiator91 · #22 Příspěvek od **Gladiator91** » 24 úno 2014 18:58

OTL logfile created on: 24. 2. 2014 18:17:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

5,96 Gb Total Physical Memory | 4,60 Gb Available Physical Memory | 77,25% Memory free
6,89 Gb Paging File | 5,26 Gb Available in Paging File | 76,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,79 Gb Total Space | 270,23 Gb Free Space | 59,68% Space Free | Partition Type: NTFS
Drive D: | 11,15 Gb Total Space | 1,31 Gb Free Space | 11,77% Space Free | Partition Type: NTFS
Drive J: | 465,73 Gb Total Space | 386,76 Gb Free Space | 83,04% Space Free | Partition Type: NTFS

Computer Name: PC-OBYVAK | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/24 18:16:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
PRC - [2014/02/20 02:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/18 23:27:48 | 000,569,024 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/02/18 23:27:46 | 001,822,400 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/12/06 09:41:52 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/06 09:41:52 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/09/12 09:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/07/18 09:51:00 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 09:50:08 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 09:46:54 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/18 09:45:15 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

========== Modules (No Company Name) ==========

MOD - [2014/02/20 02:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/02/20 02:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/02/20 02:02:59 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014/02/20 02:02:58 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014/02/20 02:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/02/20 02:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014/02/18 23:27:48 | 001,135,296 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/02/11 03:34:30 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/01/11 00:33:44 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/12/12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013/12/06 09:41:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/11/05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013/06/15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/08 12:34:06 | 000,016,400 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/12/06 09:41:52 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/08/16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/02 01:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/24 23:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 05:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 00:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 10:12:18 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/05 19:17:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/04/20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/02/20 20:51:50 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/18 23:27:48 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/02/04 14:56:50 | 002,222,416 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/02/04 10:37:32 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/09/12 09:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/11/06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/08/29 11:02:16 | 000,035,232 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
SRV - [2012/08/15 14:29:52 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 04:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/26 04:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/07/18 09:51:00 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 09:50:08 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 09:46:54 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/18 09:45:15 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/04 14:56:44 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\Hamdrv.sys -- (hamachi)
DRV:64bit: - [2013/12/06 09:42:02 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\Drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/12/06 09:42:02 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/12/06 09:42:02 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/12/06 09:42:02 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/12/06 09:42:02 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/12/06 09:42:02 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\Drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/12/06 09:42:01 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/10/10 12:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/02 03:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/08/16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/02 01:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/01 23:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/03/30 10:48:27 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/09/20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 10:14:51 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/18 09:46:20 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/05 20:23:38 | 010,267,648 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/05 18:19:26 | 000,368,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/03 19:49:06 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/06/25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/21 03:38:40 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 15:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/06/02 15:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPDTDFJS
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{3151DFA6-4D86-4672-85F2-0BD51A7FFFC3}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... 6spr%253Da
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{4C1C039E-0DFF-422D-B41F-E05B16999499}: "URL" = http://search.yahoo.com/search?p={searc ... type=10809
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{92066D58-4E73-44FE-9CF4-DB282DC68BA3}: "URL" = http://search.ividi.org/?q={searchTerms ... ilt=3&r=93
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{CFE35342-AF4B-4503-B73D-11453E0C7781}: "URL" = http://search.findwide.com/serp?guid={7 ... earchTerms}
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{F3FAE48F-E9C3-4005-B30B-553493FD9351}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jirka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

[2014/02/23 19:08:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2014/02/20 19:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/06/30 09:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi
[2013/09/16 18:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/02/23 20:02:19 | 000,000,027 | ---- | M]) - C:\windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll File not found
O2:64bit: - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll File not found
O2:64bit: - BHO: (Sense) - {11111111-1111-1111-1111-110411821192} - C:\Program Files (x86)\Sense\Sense-bho64.dll File not found
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Shopper Pro) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro64.dll File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\Toolbar\WebBrowser: (no name) - {BE8E6C58-482D-4525-B4EC-224EBB8087FF} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AACBA7C0-3E49-4BA4-A867-2D1CBD0CFFA7}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/10/15 04:43:10 | 000,000,000 | ---D | M] - J:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wlidsvc - C:\windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/02/24 18:16:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2014/02/23 20:06:42 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\temp
[2014/02/23 20:02:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/23 19:24:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014/02/23 19:24:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014/02/23 19:24:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2014/02/23 19:24:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014/02/23 19:24:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/02/23 19:24:15 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014/02/23 19:23:01 | 005,184,272 | R--- | C] (Swearware) -- C:\Users\Jirka\Desktop\ComboFix.exe
[2014/02/23 19:08:42 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\RK_Quarantine
[2014/02/23 16:12:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/22 16:45:47 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Malwarebytes
[2014/02/22 16:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/22 14:08:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/02/22 14:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2014/02/22 14:04:51 | 000,000,000 | ---D | C] -- C:\rsit
[2014/02/22 13:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/22 09:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2014/02/19 16:09:02 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Installer
[2014/02/19 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ShopperPro
[2014/02/17 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayPickle
[2014/02/17 16:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayPickle
[2014/02/17 16:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayPickle
[2014/02/17 16:34:20 | 000,000,000 | ---D | C] -- C:\Users\Jirka\.android
[2014/02/17 16:34:18 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\cache
[2014/02/16 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Projekty o konci světa
[2014/02/12 15:35:10 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/02/12 15:34:43 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2014/02/12 15:34:17 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2014/02/12 15:34:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/02/12 15:34:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/02/12 15:34:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/02/12 15:34:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/02/12 15:34:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/02/12 15:34:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/02/12 15:34:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/02/12 15:34:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/02/12 15:34:10 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/02/12 15:34:10 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/02/12 15:34:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/02/12 15:34:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/02/12 15:34:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/02/12 15:34:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/02/12 15:33:53 | 003,960,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/02/12 15:33:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/02/12 15:32:44 | 003,842,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2014/02/12 15:32:44 | 002,238,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2014/02/10 16:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014/02/10 16:07:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014/02/07 13:26:18 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\My Cheat Tables
[2014/02/04 14:56:44 | 000,046,136 | -H-- | C] (LogMeIn Inc.) -- C:\windows\SysNative\drivers\Hamdrv.sys
[2014/02/02 18:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2014/02/02 18:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Brotherhood
[2014/02/02 18:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Assassin's Creed Brotherhood
[2014/02/02 18:32:11 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Assassins-Creed-2-Brotherhood-CZ-titulky-ISO
[2014/02/01 18:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/02/01 18:19:56 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Adobe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/24 18:19:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/02/24 18:16:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2014/02/24 15:13:39 | 000,000,352 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForJirka.job
[2014/02/24 11:01:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/02/24 08:12:03 | 000,935,175 | ---- | M] () -- C:\Users\Jirka\Desktop\RSITx64.exe
[2014/02/24 08:09:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/24 08:09:57 | 821,534,719 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/23 20:02:19 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014/02/23 19:23:38 | 005,184,272 | R--- | M] (Swearware) -- C:\Users\Jirka\Desktop\ComboFix.exe
[2014/02/23 19:08:28 | 003,817,984 | ---- | M] () -- C:\Users\Jirka\Desktop\RogueKiller.exe
[2014/02/23 16:14:29 | 001,241,834 | ---- | M] () -- C:\Users\Jirka\Desktop\adwcleaner.exe
[2014/02/22 18:05:32 | 001,713,754 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/02/22 18:05:32 | 000,710,754 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014/02/22 18:05:32 | 000,697,824 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/02/22 18:05:32 | 000,162,914 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014/02/22 18:05:32 | 000,143,646 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/02/22 13:54:28 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/22 09:56:09 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2014/02/19 20:06:05 | 000,001,828 | ---- | M] () -- C:\Users\Jirka\Documents\cc_20130817_164054.reg
[2014/02/17 23:03:37 | 000,694,240 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/02/17 23:03:37 | 000,078,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/04 14:56:44 | 000,046,136 | -H-- | M] (LogMeIn Inc.) -- C:\windows\SysNative\drivers\Hamdrv.sys
[2014/02/02 18:44:16 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Assassin's Creed Brotherhood.lnk
[2014/02/01 10:20:10 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/02/01 10:19:36 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/02/01 10:19:36 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/02/01 10:18:47 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/02/01 10:18:42 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/02/01 10:18:25 | 003,960,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/02/01 10:18:25 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/02/01 10:18:21 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/02/01 10:18:21 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/02/01 10:18:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/02/01 08:58:24 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/02/01 08:57:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/02/01 08:57:20 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/02/01 08:57:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/02/01 08:57:16 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/02/01 08:57:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/24 18:19:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/02/24 15:13:09 | 000,000,352 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForJirka.job
[2014/02/24 08:12:02 | 000,935,175 | ---- | C] () -- C:\Users\Jirka\Desktop\RSITx64.exe
[2014/02/23 19:24:43 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014/02/23 19:24:43 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014/02/23 19:24:43 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014/02/23 19:24:43 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014/02/23 19:24:43 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014/02/23 19:08:26 | 003,817,984 | ---- | C] () -- C:\Users\Jirka\Desktop\RogueKiller.exe
[2014/02/23 16:14:26 | 001,241,834 | ---- | C] () -- C:\Users\Jirka\Desktop\adwcleaner.exe
[2014/02/22 13:54:28 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/22 09:35:09 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2014/02/12 15:34:43 | 000,385,614 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2014/02/02 18:44:16 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Assassin's Creed Brotherhood.lnk
[2013/12/21 13:37:53 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\CmdLineExt03.dll
[2013/11/15 17:56:50 | 000,003,584 | ---- | C] () -- C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/27 11:35:23 | 000,000,000 | ---- | C] () -- C:\Users\Jirka\regbcm
[2013/09/11 16:52:38 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/07/13 11:01:50 | 000,000,174 | ---- | C] () -- C:\windows\RomeTW.ini
[2013/07/12 12:08:03 | 000,000,270 | RHS- | C] () -- C:\Users\Jirka\ntuser.pol
[2013/03/30 10:51:59 | 000,000,384 | ---- | C] () -- C:\windows\ODBC.INI
[2013/03/03 12:42:03 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/11/12 11:38:45 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/08/01 18:09:37 | 000,915,038 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 21:22:54 | 000,982,240 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2012/07/25 21:22:54 | 000,439,308 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2012/07/25 21:22:54 | 000,092,356 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2012/07/05 18:34:18 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/07/05 18:34:18 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/06/02 15:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/04/20 14:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2012/11/12 11:47:11 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\windows\SysNative\shell32.dll -- [2013/08/02 07:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 06:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/29 19:48:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\.minecraft
[2013/12/06 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVAST Software
[2013/06/29 17:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Awesomium
[2014/02/07 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 19:21:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Firefly Studios
[2013/08/01 11:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\IDT
[2013/08/21 13:55:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Leadertech
[2013/06/15 11:03:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient
[2013/08/05 20:03:58 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mumble
[2013/12/05 18:25:52 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Notepad++
[2014/01/24 22:27:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\openvr
[2013/12/07 18:41:09 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Quadcore Games
[2013/06/15 09:33:16 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Riot Games
[2014/02/20 19:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Seznam.cz
[2013/08/01 20:56:11 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\SFBot
[2013/05/05 10:45:43 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Unity
[2013/10/12 10:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Wargaming.net
[2013/03/12 21:58:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WebApp

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012/07/26 08:22:10 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2014/02/24 15:13:09 | 000,000,352 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForJirka.job

< >

< MD5 for: AGP440.SYS >
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\windows\SysNative\drivers\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys

< MD5 for: ATAPI.SYS >
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\erdnt\cache64\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\drivers\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013/06/19 18:19:07 | 000,000,619 | ---- | M] () MD5=0093B521508CEA717DEB8D77B0E19AC8 -- C:\windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2013/06/18 07:54:21 | 000,000,596 | ---- | M] () MD5=08137E83476490D333404A74F6672606 -- C:\windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013/06/18 07:54:20 | 000,040,790 | ---- | M] () MD5=19C5A4BB0CC687A9EDA2253BB59E8C5B -- C:\windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\windows\SysWOW64\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2013/06/19 18:19:06 | 000,034,714 | ---- | M] () MD5=87FC0C8724A16A7780A507B5BCA6F5A6 -- C:\windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\windows\SysNative\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\windows\SysNative\drivers\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\windows\erdnt\cache64\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\windows\SysNative\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2013/08/20 07:50:04 | 000,001,071 | ---- | M] () MD5=646E6078080109ED7C8C013DEA9A113A -- C:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2013/08/20 07:50:05 | 000,010,405 | ---- | M] () MD5=688281EFEAD31F07080AE1B16905EB47 -- C:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll
[2013/06/18 07:56:02 | 000,010,458 | ---- | M] () MD5=86D85C569F2EFF7F37FC48DDF8A6B7FB -- C:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2013/06/18 07:56:02 | 000,010,692 | ---- | M] () MD5=B107534C98AACF9341888FA06D9EA8DE -- C:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2012/01/31 13:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files (x86)\CyberLink\PowerDirector10\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\windows\erdnt\cache86\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\windows\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013/07/23 12:57:10 | 000,220,310 | ---- | M] () MD5=42D91DC55DC0EEBFCFCF130612E975FC -- C:\windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013/06/18 07:59:47 | 000,003,739 | ---- | M] () MD5=49B0A2AA3E920E7A7E6C6EDDDF11D58C -- C:\windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2013/07/23 12:58:06 | 000,191,911 | ---- | M] () MD5=5B88A8DD977AAE34A35A7BBDDD8755DD -- C:\windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013/07/23 12:58:10 | 000,190,101 | ---- | M] () MD5=8DAD0786662B660F73C24333E0004726 -- C:\windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/06/18 07:59:45 | 000,188,441 | ---- | M] () MD5=8DBE1A63C3DD0986B55F27DB67FF1A4A -- C:\windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013/06/18 09:18:52 | 000,004,958 | ---- | M] () MD5=99ABB28486BA9329B0E20EC056E5AB6E -- C:\windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/18 09:18:48 | 000,145,657 | ---- | M] () MD5=C5862D6B071D4C35BB88F934A37B2A8E -- C:\windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2013/07/23 12:57:12 | 000,217,360 | ---- | M] () MD5=CB756FEEC6A5EDEAB52E6C6E5DE73352 -- C:\windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\windows\SysWOW64\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe

< MD5 for: HAL.DLL >
[2013/06/18 08:00:22 | 000,002,020 | ---- | M] () MD5=7EE07AB64C1DD973E003E90F5F2D734F -- C:\windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll
[2013/06/18 08:00:22 | 000,001,310 | ---- | M] () MD5=A566BD068732480A92010897C6092167 -- C:\windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2013/06/18 08:00:22 | 000,001,298 | ---- | M] () MD5=AC87C0285E7F93D85D77A25665FC88A8 -- C:\windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2013/06/18 08:00:21 | 000,011,988 | ---- | M] () MD5=E3D594159261195EC76B783C9B9FCEA5 -- C:\windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll
[2012/10/24 05:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\windows\SysNative\hal.dll
[2012/10/24 05:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll

< MD5 for: IASTORV.SYS >
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\windows\SysNative\drivers\iaStorV.sys
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_07daf9dd118c3086\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\windows\SysNative\drivers\isapnp.sys
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\isapnp.sys
[2012/07/26 06:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/06/18 08:35:19 | 000,002,767 | ---- | M] () MD5=084218525CCA5BA318F66DD918BDB575 -- C:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16384_none_963549021c129d16\lsass.exe
[2013/06/18 08:35:20 | 000,000,552 | ---- | M] () MD5=1870E58FD49711DC14757B0EA73D2705 -- C:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20521_none_96fcc65d3502465c\lsass.exe
[2012/09/20 07:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B -- C:\windows\erdnt\cache64\lsass.exe
[2012/09/20 07:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B -- C:\windows\SysNative\lsass.exe
[2012/09/20 07:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B -- C:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3b\lsass.exe

< MD5 for: NDIS.SYS >
[2013/07/23 12:57:27 | 000,123,394 | ---- | M] () MD5=08FC73E48423A6CD7EE9F1F2547F807B -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20750_none_b2c536b2cad91fc4\ndis.sys
[2013/06/18 08:39:32 | 000,080,917 | ---- | M] () MD5=0D1586CA4A820C6BB3ABEA2C65B9161A -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16420_none_b25c05dfb1a331d9\ndis.sys
[2013/07/23 12:57:24 | 000,126,379 | ---- | M] () MD5=1B030C80E1185108857354466C251724 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16518_none_b26eda01b193ddc7\ndis.sys
[2013/06/18 08:39:35 | 000,080,905 | ---- | M] () MD5=26A23E674239B74BF2A46314F862E7F0 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20534_none_b2ded3e6cac552f0\ndis.sys
[2013/06/18 08:39:36 | 000,000,956 | ---- | M] () MD5=62E9D088F86D8E083A9F263C70BEE356 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20623_none_b2e8a56ecabe1acf\ndis.sys
[2013/06/18 08:39:33 | 000,080,907 | ---- | M] () MD5=6BE01B4AD75B58E3B121C8012A4F5488 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16433_none_b25436d1b1a899cf\ndis.sys
[2013/07/23 12:57:26 | 000,123,250 | ---- | M] () MD5=764187E3F64952F1AFA139E7EEE80F35 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20733_none_b2ddd768cac633e7\ndis.sys
[2013/06/18 08:39:34 | 000,080,923 | ---- | M] () MD5=8B33E49EFA50A4BE1BCBEC7203CD4D7D -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20521_none_b2e6a2f4cabfeafa\ndis.sys
[2013/06/16 23:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\windows\erdnt\cache64\ndis.sys
[2013/06/16 23:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\windows\SysNative\drivers\ndis.sys
[2013/06/16 23:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16643_none_b2496ab1b1b0b00e\ndis.sys
[2013/06/18 08:39:30 | 000,084,368 | ---- | M] () MD5=B01BE034702E2A05506C4A578B04DD28 -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_b21f2599b1d041b4\ndis.sys
[2013/07/23 12:57:25 | 000,051,156 | ---- | M] () MD5=CEA3BF14E7676CE709841AE0ADB3E14A -- C:\windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16628_none_b2640bfbb19bf6df\ndis.sys

< MD5 for: NETLOGON.DLL >
[2012/07/26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\windows\erdnt\cache86\netlogon.dll
[2012/07/26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\windows\SysWOW64\netlogon.dll
[2012/07/26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\windows\erdnt\cache64\netlogon.dll
[2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\windows\SysNative\netlogon.dll
[2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\windows\SysNative\drivers\nvraid.sys
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2012/07/26 06:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\windows\SysNative\drivers\nvstor.sys
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2012/07/26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\windows\erdnt\cache64\scecli.dll
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\windows\SysNative\scecli.dll
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\windows\erdnt\cache86\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\windows\SysWOW64\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SMSS.EXE >
[2012/07/26 06:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\windows\SysNative\smss.exe
[2012/07/26 06:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.2.9200.16384_none_d72a7da7728fa356\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/06/18 08:47:44 | 000,000,609 | ---- | M] () MD5=2B527D82853B6EF502898CEAB5FA6E6C -- C:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2013/06/22 11:56:12 | 000,000,583 | ---- | M] () MD5=5023FD16134F379F5946887BF4DE4C28 -- C:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2013/06/22 11:56:12 | 000,003,208 | ---- | M] () MD5=8FBCF20DD0FB4D2352721E69E23B0930 -- C:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/09/20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\windows\erdnt\cache86\svchost.exe
[2012/09/20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\windows\SysWOW64\svchost.exe
[2012/09/20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2013/06/18 08:47:44 | 000,002,873 | ---- | M] () MD5=DA39CB84207662D614E35AE80175C088 -- C:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2012/09/20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\windows\erdnt\cache64\svchost.exe
[2012/09/20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\windows\SysNative\svchost.exe
[2012/09/20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

< MD5 for: TCPIP.SYS >
[2013/12/22 10:26:47 | 000,264,299 | ---- | M] () MD5=0EFBF9C5E9BE1D7ECB8714A38FA71E93 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2013/12/22 10:26:56 | 000,239,494 | ---- | M] () MD5=17E7FB59D13D8C8628CF991F3A072511 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys
[2013/12/22 10:26:21 | 000,373,137 | ---- | M] () MD5=2426BE865F32552A0C89992A5145D189 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2014/02/19 16:39:56 | 000,223,152 | ---- | M] () MD5=2D20F1A5AFE70181BB6D14283EAFF7A6 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16679_none_0bf790c6f01dd124\tcpip.sys
[2013/12/22 10:26:36 | 000,370,080 | ---- | M] () MD5=38F72BD30AE038ADF73FB9347F487940 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys
[2014/02/19 16:40:05 | 000,359,526 | ---- | M] () MD5=8683A731C1E9C813E5F25B0D9868BAEB -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20867_none_0c89fed009351f76\tcpip.sys
[2013/12/22 10:27:13 | 000,370,088 | ---- | M] () MD5=8FEB185AC4026B9528E474DAB935EC91 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2013/12/22 10:27:05 | 000,375,206 | ---- | M] () MD5=9FE7E997A05217C1EEAEDE58BE4472A4 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2013/07/23 12:57:53 | 000,360,561 | ---- | M] () MD5=A8779488694F327C9CA83D9881AA1FDC -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2013/10/22 14:35:01 | 000,358,445 | ---- | M] () MD5=AFF8734E6A689D6CCAF86E6F2872283D -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20787_none_0c745d1209455a31\tcpip.sys
[2013/12/22 10:27:20 | 000,371,879 | ---- | M] () MD5=B816259F1F44AD443A93A6FC7C73ED43 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys
[2014/02/19 16:40:01 | 000,358,692 | ---- | M] () MD5=B8C5772F90899FB813E86C3BEAE50E9A -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20846_none_0c9e9e5e0925ce3d\tcpip.sys
[2014/02/19 16:39:59 | 000,196,098 | ---- | M] () MD5=D9D931098C17AD60494F82AE5AA590AE -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16734_none_0c1dd0eaf001dfd4\tcpip.sys
[2013/11/01 06:53:57 | 002,232,664 | ---- | M] (Microsoft Corporation) MD5=DD4249F03598043DED6FA540EB14898A -- C:\windows\erdnt\cache64\tcpip.sys
[2013/11/01 06:53:57 | 002,232,664 | ---- | M] (Microsoft Corporation) MD5=DD4249F03598043DED6FA540EB14898A -- C:\windows\SysNative\drivers\tcpip.sys
[2013/11/01 06:53:57 | 002,232,664 | ---- | M] (Microsoft Corporation) MD5=DD4249F03598043DED6FA540EB14898A -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16754_none_0c083112f01217b6\tcpip.sys
[2013/12/22 10:26:31 | 000,375,242 | ---- | M] () MD5=EF8911184AE514AEBC79A386B0832DB4 -- C:\windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys

Gladiator91 · #23 Příspěvek od **Gladiator91** » 24 úno 2014 18:58

< MD5 for: USERINIT.EXE >
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\windows\erdnt\cache64\userinit.exe
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\windows\SysNative\userinit.exe
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\windows\erdnt\cache86\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\windows\SysWOW64\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013/06/18 09:05:46 | 000,053,884 | ---- | M] () MD5=0FF95DB9496988571A364A803BB5F9FF -- C:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2013/06/18 09:05:45 | 000,053,889 | ---- | M] () MD5=6EB5EF425077144A4B690881F5FD44A1 -- C:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2013/06/18 09:05:45 | 000,053,876 | ---- | M] () MD5=BBE41952C59EAAD5B222ED60B8D2814C -- C:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2012/10/11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\windows\erdnt\cache64\winlogon.exe
[2012/10/11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\windows\SysNative\winlogon.exe
[2012/10/11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2013/06/18 09:05:46 | 000,001,620 | ---- | M] () MD5=FE2C5A03AC3BC3A93B95D278098685A7 -- C:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe

< MD5 for: WS2_32.DLL >
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\windows\erdnt\cache64\ws2_32.dll
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\windows\SysNative\ws2_32.dll
[2012/07/26 06:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_4b815827581a3bbb\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\windows\erdnt\cache86\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\windows\SysWOW64\ws2_32.dll
[2012/07/26 04:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/01/29 19:48:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\.minecraft
[2013/03/03 12:41:06 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2013/03/03 12:46:33 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ATI
[2013/12/06 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVAST Software
[2013/06/29 17:34:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Awesomium
[2013/03/12 21:44:15 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\CyberLink
[2014/02/07 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
[2014/01/24 19:21:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Firefly Studios
[2013/03/03 19:02:55 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Hewlett-Packard
[2013/03/04 13:44:08 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Identities
[2013/08/01 11:00:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\IDT
[2013/08/21 13:55:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Leadertech
[2013/06/15 11:03:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient
[2013/03/14 16:13:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2014/02/22 16:45:47 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Malwarebytes
[2013/11/26 15:50:50 | 000,000,000 | --SD | M] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2013/08/18 21:09:16 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla
[2013/08/05 20:03:58 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mumble
[2013/12/05 18:25:52 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Notepad++
[2014/01/24 22:27:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\openvr
[2013/12/07 18:41:09 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Quadcore Games
[2013/06/15 09:33:16 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Riot Games
[2013/08/21 14:02:34 | 000,000,000 | RH-D | M] -- C:\Users\Jirka\AppData\Roaming\SecuROM
[2014/02/20 19:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Seznam.cz
[2013/08/01 20:56:11 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\SFBot
[2013/05/05 10:45:43 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Unity
[2013/10/12 10:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Wargaming.net
[2013/03/12 21:58:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WebApp
[2013/08/22 16:00:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012/09/05 17:26:25 | 000,278,561 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\.minecraft\MCOrigo.exe
[2013/02/05 13:22:04 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Jirka\AppData\Roaming\.minecraft\MCWarez.exe
[2014/01/29 19:44:55 | 001,109,677 | ---- | M] (TeamExtreme) -- C:\Users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
[2013/08/24 19:42:02 | 000,069,254 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/02/24 15:12:58 | 000,000,052 | ---- | M] () -- C:\windows\system32\DOErrors.log
[2014/02/24 08:13:00 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/02/24 18:19:08 | 000,000,512 | ---- | M] () MD5=622278168A3F9B10A75129D446F913B0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013/08/22 11:28:59 | 000,673,792 | ---- | M] () -- \$Windows.~BT\Sources\upgloader.dll
[2 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]
[2013/08/22 20:26:27 | 000,022,528 | ---- | M] () -- \$Windows.~BT\Sources\cs-cz\upgloader.dll.mui
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2014/02/17 16:34:59 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2014/02/17 16:34:59 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2014/02/17 16:34:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Jirka\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2013/12/17 15:43:40 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2013/12/17 15:43:40 | 000,002,221 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2013/12/17 15:43:40 | 000,007,015 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2013/12/17 15:43:40 | 000,003,974 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2013/12/17 15:43:40 | 000,006,629 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2013/12/17 15:43:40 | 000,002,773 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2013/12/17 15:43:40 | 000,001,504 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2013/12/17 15:43:40 | 000,006,542 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2013/12/17 15:43:40 | 000,003,668 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013/12/17 15:43:40 | 000,006,907 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2011/02/17 16:50:18 | 000,234,104 | ---- | M] () -- \Program Files (x86)\Assassin's Creed Brotherhood\ubiorbitapi_r2_loader.dll
[2013/04/01 19:09:12 | 000,788,184 | ---- | M] () -- \Program Files (x86)\Common Files\AgeofWushu_download\Downloader.exe
[2013/08/18 21:17:25 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2001/01/16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001/01/16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2012/07/16 06:06:24 | 000,127,464 | ---- | M] () -- \Program Files (x86)\CyberLink\Media Suite\koan\pyloader.dll
[2012/07/09 02:11:22 | 002,475,832 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012/07/09 07:40:48 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2012/07/09 02:11:40 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2012/07/09 02:11:43 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2012/07/09 07:40:12 | 000,161,296 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2012/07/09 02:11:44 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2010/12/24 07:00:58 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderC3S.dll
[2010/12/24 07:00:58 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2012/07/03 13:02:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\3DPhotoPlayer\Koan\pyloader.dll
[2011/05/05 16:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/05 16:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/05 16:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2012/04/09 19:20:34 | 002,533,160 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2003/04/11 13:45:42 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2011/07/18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2013/10/23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014/01/17 03:59:48 | 000,142,336 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\APEX_Loader_x86.dll
[2013/06/07 21:01:47 | 000,319,488 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\wws_crashreport_uploader.exe
[2013/02/01 23:04:54 | 000,300,392 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
[2012/07/26 10:47:26 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013/06/14 14:46:05 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/07/26 10:46:23 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/07/26 10:46:24 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/07/26 10:46:24 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/07/26 10:46:24 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/07/26 10:46:24 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 10:46:25 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013/03/28 09:12:03 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013/03/28 09:12:06 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013/03/04 13:00:00 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013/03/28 09:12:06 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013/03/28 09:12:08 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013/03/28 09:12:08 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/07/26 10:47:23 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/05/06 14:49:32 | 000,046,874 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 10:46:59 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/05/18 10:29:39 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/12/18 13:50:00 | 000,053,416 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.216.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 10:47:07 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/12/18 13:49:22 | 000,054,211 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.338.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/02/11 14:12:31 | 000,054,304 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.444.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/09/17 16:36:21 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.71\deploy\assets\storeImages\layout\small_loader.gif
[2012/04/09 19:20:34 | 002,533,160 | ---- | M] () -- \SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.1.1925\src\ShareFiles\Share_x86\Plugin\8.0\CES_3DLoaderFBX.dll
[2014/02/19 16:05:00 | 000,760,192 | ---- | M] () -- \Users\Jirka\AppData\Local\Installer\Install_20878\ytdownloader_ww_setup_20140203.exe
[2014/02/19 16:05:00 | 000,760,192 | ---- | M] () -- \Users\Jirka\AppData\Local\Installer\Install_6591\ytdownloader_ww_setup_20140203.exe
[2014/02/21 21:29:24 | 000,005,708 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WE2QM0C\queryLoader[1].js
[2014/02/21 21:29:19 | 000,000,374 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F61WPEP9\queryLoader[1].css
[2014/02/22 13:45:28 | 000,071,683 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QG70BJ2X\sf_preloader[1].js
[2013/06/29 13:14:56 | 000,002,946 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2013/04/20 19:53:04 | 000,199,010 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.1
[2013/04/20 19:52:43 | 000,000,000 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.1.lck
[2013/06/29 13:14:54 | 000,000,000 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2013/05/31 17:13:28 | 000,492,873 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2013/05/30 21:00:36 | 000,454,818 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2013/05/31 16:16:04 | 000,000,136 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\liteloader.properties
[2013/05/31 17:13:27 | 000,006,685 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\LiteLoader.txt
[2013/04/20 19:53:03 | 000,006,678 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\LiteLoader.txt.1
[2013/04/20 19:52:55 | 000,000,000 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\LiteLoader.txt.1.lck
[2013/02/01 23:04:54 | 000,300,392 | ---- | M] () -- \Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \windows\System32\dmloader.dll
[2013/04/03 14:13:18 | 000,012,532 | ---- | M] () -- \windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \windows\SysWOW64\dmloader.dll
[2013/04/03 14:13:18 | 000,012,532 | ---- | M] () -- \windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2012/07/26 05:53:16 | 001,084,144 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012/07/26 05:53:16 | 000,998,128 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2012/10/11 09:42:55 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2012/10/11 09:42:55 | 000,998,120 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013/03/02 11:39:39 | 000,998,120 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013/04/09 06:24:49 | 000,998,152 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013/06/01 13:02:14 | 001,084,160 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.efi
[2013/06/01 13:02:14 | 000,998,144 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2012/10/11 08:29:20 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2012/10/11 08:29:20 | 000,998,120 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013/03/02 11:22:17 | 000,998,120 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013/04/09 01:24:11 | 000,998,152 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013/06/01 13:49:37 | 001,084,160 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013/06/01 13:49:37 | 000,998,144 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012/07/26 04:05:30 | 000,047,616 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012/07/26 03:35:54 | 000,003,072 | -H-- | M] () -- \windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:35:54 | 000,003,584 | -H-- | M] () -- \windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:35:58 | 000,002,560 | -H-- | M] () -- \windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2012/11/12 20:30:37 | 000,004,656 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/11/12 20:30:37 | 000,030,448 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.efi.mui_35ee487d
[2012/11/12 20:30:37 | 000,030,448 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.exe.mui_3bc5b827
[2012/11/12 20:30:37 | 000,020,208 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.efi.mui_f412814e
[2012/11/12 20:30:37 | 000,020,208 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.exe.mui_ff8b5358
[2013/07/17 08:26:52 | 000,005,808 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2013/07/17 08:26:52 | 001,403,296 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.efi_75834aa0
[2013/07/17 08:26:52 | 001,271,584 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.exe_75835076
[2013/07/17 08:26:52 | 001,217,352 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.efi_85cd069f
[2013/07/17 08:26:52 | 001,093,904 | ---- | M] () -- \windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.exe_85cd1215
[2012/07/26 09:11:35 | 000,000,596 | ---- | M] () -- \windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012/11/12 20:28:13 | 000,004,656 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/07/26 06:00:58 | 000,005,810 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2012/09/20 09:33:02 | 000,005,810 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2012/10/11 08:33:59 | 000,005,810 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013/04/09 07:04:17 | 000,005,808 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013/06/01 12:31:54 | 000,005,808 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2012/09/20 10:24:25 | 000,005,810 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2012/10/11 08:26:48 | 000,005,810 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013/04/09 01:53:04 | 000,005,808 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013/06/01 13:10:50 | 000,005,808 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/03 05:44:51 | 000,090,112 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/08/17 01:06:27 | 000,131,072 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\system.runtime.serialization.formatters.soap.dll
[2013/08/03 05:47:46 | 000,847,872 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\system.runtime.serialization.dll
[2013/08/03 05:47:44 | 000,847,872 | ---- | M] () -- \$Windows.~BT\Sources\sxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\system.runtime.serialization.dll
[2013/08/17 01:06:31 | 000,131,072 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\system.runtime.serialization.formatters.soap.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\system.runtime.serialization.dll
[2013/08/03 05:44:51 | 000,090,112 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\system.runtime.serialization.dll
[2013/08/17 01:06:37 | 000,011,776 | ---- | M] () -- \$Windows.~BT\Sources\sxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/03 05:41:46 | 000,970,752 | ---- | M] () -- \$Windows.~BT\Sources\sxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\system.runtime.serialization.dll
[2013/12/17 15:43:40 | 000,003,176 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/01/24 20:53:49 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmserializers.dll
[2012/10/10 02:36:13 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012/11/12 20:30:20 | 000,011,776 | ---- | M] () -- \windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/26 11:07:31 | 000,131,072 | R--- | M] () -- \windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/02/14 15:22:43 | 000,310,784 | ---- | M] () -- \windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1d9a6ab847f1bcfd10b85410b7a63f90\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/17 18:24:23 | 000,310,784 | ---- | M] () -- \windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\70c38c5db6131d4cf9b238f6a40d276e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/13 18:48:39 | 002,822,656 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
[2014/02/13 18:48:39 | 000,001,308 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll.aux
[2014/02/13 18:44:03 | 003,637,248 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3549a37d36038a93844b48253ac02488\System.Runtime.Serialization.ni.dll
[2014/02/13 18:44:03 | 000,001,308 | ---- | M] () -- \windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3549a37d36038a93844b48253ac02488\System.Runtime.Serialization.ni.dll.aux
[2012/07/26 09:09:26 | 000,001,032 | ---- | M] () -- \windows\Inf\c_multiportserial.inf
[2012/07/26 08:21:08 | 000,004,224 | ---- | M] () -- \windows\Inf\c_multiportserial.PNF
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/07/10 23:08:35 | 001,050,768 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2012/07/26 11:07:31 | 000,131,072 | R--- | M] () -- \windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/11/12 20:30:19 | 000,011,776 | ---- | M] () -- \windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/10 23:08:35 | 001,050,768 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/26 11:07:31 | 000,131,072 | R--- | M] () -- \windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/11/12 20:30:18 | 000,011,776 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/10 02:36:14 | 000,847,872 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/10 23:09:10 | 001,050,768 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 03:01:17 | 000,132,656 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:01:17 | 000,022,024 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 03:01:17 | 000,022,048 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:01:17 | 000,022,016 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:01:20 | 000,036,320 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 03:01:20 | 000,022,496 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 01:51:45 | 000,027,808 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \windows\System32\serialui.dll
[2012/11/12 20:30:12 | 000,005,120 | ---- | M] () -- \windows\System32\cs-CZ\serialui.dll.mui
[2012/07/26 10:42:57 | 000,000,232 | ---- | M] () -- \windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2012/07/25 21:35:47 | 000,001,032 | ---- | M] () -- \windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_45188a76c7257c7d\c_multiportserial.inf
[2012/07/26 03:30:01 | 000,076,800 | ---- | M] () -- \windows\System32\DriverStore\FileRepository\msports.inf_amd64_b9497ff7bf3c4b05\serial.sys
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \windows\SysWOW64\serialui.dll
[2012/11/12 20:30:12 | 000,005,120 | ---- | M] () -- \windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012/07/26 10:42:57 | 000,000,232 | ---- | M] () -- \windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e\c_multiportserial.inf_loc
[2012/07/25 21:35:47 | 000,001,032 | ---- | M] () -- \windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82\c_multiportserial.inf
[2013/06/18 08:39:17 | 000,000,181 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_18f61258351a4915\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/11/12 20:30:18 | 000,011,776 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_192822b234f5552b\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/06/18 08:39:23 | 000,000,181 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_19b2bfc74e120e4c\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/11/12 20:30:12 | 000,005,120 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_a73488f66d6efa73\serialui.dll.mui
[2012/07/26 04:07:10 | 000,017,920 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_4dcb48f2a86ef2b0\serialui.dll
[2013/06/18 09:02:52 | 000,000,184 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_b63db9f5dc430f52\System.RunTime.Serialization.Resources.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_b66fca4fdc1e1b68\System.RunTime.Serialization.Resources.dll
[2013/06/18 09:02:53 | 000,000,184 | ---- | M] () -- \windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_b6fa6764f53ad489\System.RunTime.Serialization.Resources.dll
[2012/11/12 20:30:09 | 000,009,728 | ---- | M] () -- \windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_1d7fc9ead6009a1c\serial.sys.mui
[2012/07/26 03:30:01 | 000,076,800 | ---- | M] () -- \windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.2.9200.16384_none_5161581642227a2a\serial.sys
[2013/06/18 09:07:22 | 000,004,892 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/06/18 09:07:15 | 000,004,906 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:45 | 000,027,808 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.RunTime.Serialization.resources.dll
[2013/06/18 09:07:52 | 000,002,683 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/06/18 09:07:47 | 000,003,257 | ---- | M] () -- \windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.RunTime.Serialization.resources.dll
[2012/07/12 03:01:17 | 000,132,656 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_d68148ce3ff07e02\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 03:01:17 | 000,022,048 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_43a8275875494b8e\System.Runtime.Serialization.Primitives.dll
[2012/07/12 03:01:17 | 000,022,024 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04\System.Runtime.Serialization.Json.dll
[2012/07/12 03:01:17 | 000,022,016 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:01:17 | 001,050,096 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036\System.Runtime.Serialization.dll
[2013/02/23 00:09:26 | 001,050,728 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db\System.Runtime.Serialization.dll
[2013/07/10 23:09:10 | 001,050,768 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16664_none_8f12a6bb8fcd4e7b\System.Runtime.Serialization.dll
[2013/02/23 00:13:33 | 001,051,768 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865\System.Runtime.Serialization.dll
[2013/07/10 23:12:22 | 001,051,272 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20772_none_78462dd5a9739496\System.Runtime.Serialization.dll
[2012/07/12 03:01:20 | 000,036,320 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15\System.Xml.Serialization.dll
[2012/07/12 03:01:20 | 000,022,496 | ---- | M] () -- \windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8\System.Xml.XmlSerializer.dll
[2012/07/26 11:07:31 | 000,131,072 | R--- | M] () -- \windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_e04b053008b35686\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/06 03:02:29 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c\System.Runtime.Serialization.dll
[2012/10/10 02:36:14 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8\System.Runtime.Serialization.dll
[2012/10/10 02:36:23 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f\System.Runtime.Serialization.dll
[2012/07/06 03:02:29 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235\System.Runtime.Serialization.dll
[2012/10/10 02:36:13 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091\System.Runtime.Serialization.dll
[2012/10/10 02:36:22 | 000,847,872 | ---- | M] () -- \windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38\System.Runtime.Serialization.dll
[2012/11/12 20:27:23 | 000,001,131 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_cs-cz_2b0eb54f379ff467.manifest
[2012/07/26 10:42:14 | 000,001,852 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e.manifest
[2012/07/26 06:09:43 | 000,001,513 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82.manifest
[2012/07/26 06:26:40 | 000,002,626 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.2.9200.16384_none_6a7f3483366f250c.manifest
[2012/07/26 06:07:04 | 000,009,894 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.2.9200.16384_none_8ede5994e2f7c2e3.manifest
[2012/07/26 06:06:54 | 000,000,452 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.2.9200.16384_none_85867a4c903a2d8f.manifest
[2012/07/26 05:48:21 | 000,002,226 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04.manifest
[2012/07/26 05:48:33 | 000,002,222 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371.manifest
[2012/07/26 05:48:19 | 000,002,206 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036.manifest
[2013/02/25 02:50:28 | 000,002,206 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db.manifest
[2013/07/11 06:33:51 | 000,002,206 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16664_none_8f12a6bb8fcd4e7b.manifest
[2013/02/25 02:20:05 | 000,002,206 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865.manifest
[2013/07/11 08:26:42 | 000,002,206 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20772_none_78462dd5a9739496.manifest
[2012/07/26 05:48:28 | 000,002,190 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15.manifest
[2012/07/26 05:48:22 | 000,002,190 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8.manifest
[2012/07/26 05:48:30 | 000,002,276 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c.manifest
[2012/10/10 10:35:16 | 000,002,276 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8.manifest
[2012/10/10 09:57:11 | 000,002,276 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f.manifest
[2012/07/26 05:48:13 | 000,002,301 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235.manifest
[2012/10/10 10:35:02 | 000,002,301 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091.manifest
[2012/10/10 09:56:39 | 000,002,301 | ---- | M] () -- \windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38.manifest
[2012/07/26 04:40:05 | 000,002,301 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1.manifest
[2012/07/26 04:45:32 | 000,002,325 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9.manifest
[2012/07/26 04:43:53 | 000,002,265 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6.manifest
[2012/10/10 08:14:13 | 000,002,265 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22.manifest
[2012/10/10 08:29:05 | 000,002,265 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9.manifest
[2012/11/12 20:29:18 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0.manifest
[2012/10/06 08:45:01 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da.manifest
[2013/02/25 05:17:13 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65.manifest
[2013/07/11 09:20:01 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16664_cs-cz_04bb683af2685b05.manifest
[2012/10/06 08:49:51 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181.manifest
[2013/02/25 07:16:34 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef.manifest
[2013/07/11 11:04:59 | 000,001,569 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20772_cs-cz_edeeef550c0ea120.manifest
[2012/11/12 20:29:12 | 000,001,643 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0.manifest
[2012/10/10 16:41:47 | 000,001,643 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c.manifest
[2012/10/10 16:40:30 | 000,001,643 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3.manifest
[2012/07/26 04:40:13 | 000,002,297 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70.manifest
[2012/07/26 04:40:38 | 000,002,730 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9.manifest
[2013/02/25 01:20:49 | 000,002,730 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e.manifest
[2013/07/11 03:23:17 | 000,002,730 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16664_none_a753571c0ac33c1e.manifest
[2013/02/25 00:54:09 | 000,002,730 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608.manifest
[2013/07/11 05:09:43 | 000,002,730 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20772_none_9086de3624698239.manifest
[2012/07/26 04:45:31 | 000,002,018 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9.manifest
[2012/10/10 08:14:19 | 000,002,018 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55.manifest
[2012/10/10 08:29:12 | 000,002,018 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc.manifest
[2012/07/26 04:46:59 | 000,002,382 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e.manifest
[2012/07/26 04:44:37 | 000,002,265 | ---- | M] () -- \windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1.manifest
[2012/07/26 04:40:08 | 000,002,299 | ---- | M] () -- \windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b.manifest
[2012/10/10 08:14:00 | 000,002,299 | ---- | M] () -- \windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997.manifest
[2012/10/10 08:28:50 | 000,002,299 | ---- | M] () -- \windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e.manifest
[2012/07/12 03:02:06 | 000,132,656 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_ed024caf4eb39c5b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/26 11:07:31 | 000,131,072 | R--- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_5313850cd3a87f7b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/11/12 20:30:21 | 000,027,736 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16384_cs-cz_a62b631b484ba554\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16430_cs-cz_a626bca5484fc06e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:52:17 | 000,027,808 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.20531_cs-cz_8f58ff1d61f73a15\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/11/12 20:30:20 | 000,011,776 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.16384_cs-cz_0c3c9b78cd408874\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 03:02:06 | 000,022,024 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1\System.Runtime.Serialization.Json.dll
[2012/07/12 03:02:06 | 000,022,048 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9\System.Runtime.Serialization.Primitives.dll
[2012/07/06 03:02:29 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6\System.Runtime.Serialization.dll
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22\System.Runtime.Serialization.dll
[2012/10/10 02:36:08 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9\System.Runtime.Serialization.dll
[2012/11/12 20:30:23 | 000,113,704 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:46 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16664_cs-cz_04bb683af2685b05\System.RunTime.Serialization.resources.dll
[2012/08/31 01:52:18 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181\System.RunTime.Serialization.resources.dll
[2012/08/31 01:52:07 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef\System.RunTime.Serialization.resources.dll
[2012/08/31 01:52:07 | 000,113,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20772_cs-cz_edeeef550c0ea120\System.RunTime.Serialization.resources.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0\System.RunTime.Serialization.Resources.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c\System.RunTime.Serialization.Resources.dll
[2012/11/12 20:30:20 | 000,090,112 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3\System.RunTime.Serialization.Resources.dll
[2012/07/12 03:02:06 | 000,022,016 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70\System.Runtime.Serialization.Xml.dll
[2012/07/12 03:02:06 | 001,050,096 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9\System.Runtime.Serialization.dll
[2013/02/23 00:11:46 | 001,050,728 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e\System.Runtime.Serialization.dll
[2013/07/10 23:08:35 | 001,050,768 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16664_none_a753571c0ac33c1e\System.Runtime.Serialization.dll
[2013/02/23 00:13:32 | 001,051,768 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608\System.Runtime.Serialization.dll
[2013/07/10 23:12:02 | 001,051,272 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20772_none_9086de3624698239\System.Runtime.Serialization.dll
[2012/07/06 03:02:28 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9\System.Runtime.Serialization.dll
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55\System.Runtime.Serialization.dll
[2012/10/10 02:36:07 | 000,970,752 | ---- | M] () -- \windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc\System.Runtime.Serialization.dll
[2012/07/12 03:02:08 | 000,036,320 | ---- | M] () -- \windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e\System.Xml.Serialization.dll
[2012/07/12 03:02:08 | 000,022,496 | ---- | M] () -- \windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1\System.Xml.XmlSerializer.dll
[2013/06/19 18:15:09 | 000,004,893 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/06/19 18:15:03 | 000,004,266 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.RunTime.Serialization.resources.dll
[2012/08/31 01:51:52 | 000,027,808 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 01:51:52 | 000,113,752 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.RunTime.Serialization.resources.dll
[2013/06/19 18:15:38 | 000,002,754 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/06/19 18:15:32 | 000,002,384 | ---- | M] () -- \windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.RunTime.Serialization.resources.dll
[2013/06/22 10:59:17 | 000,000,181 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_bcd776d47cbcd7df\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/11/12 20:30:19 | 000,011,776 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_bd09872e7c97e3f5\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/06/22 11:00:42 | 000,000,181 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_bd94244395b49d16\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/11/12 20:30:12 | 000,005,120 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_4b15ed72b511893d\serialui.dll.mui
[2012/07/26 04:19:54 | 000,015,360 | ---- | M] () -- \windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_f1acad6ef011817a\serialui.dll
[2012/07/26 11:07:31 | 000,970,752 | ---- | M] () -- \windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b\System.Runtime.Serialization.dll
[2012/10/10 02:35:25 | 000,970,752 | ---- | M] () -- \windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997\System.Runtime.Serialization.dll
[2012/10/10 02:36:07 | 000,970,752 | ---- | M] () -- \windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\APEX_Loader_x86.dll:crc

< End of report >

Gladiator91 · #24 Příspěvek od **Gladiator91** » 24 úno 2014 18:59

OTL Extras logfile created on: 24. 2. 2014 18:17:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

5,96 Gb Total Physical Memory | 4,60 Gb Available Physical Memory | 77,25% Memory free
6,89 Gb Paging File | 5,26 Gb Available in Paging File | 76,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,79 Gb Total Space | 270,23 Gb Free Space | 59,68% Space Free | Partition Type: NTFS
Drive D: | 11,15 Gb Total Space | 1,31 Gb Free Space | 11,77% Space Free | Partition Type: NTFS
Drive J: | 465,73 Gb Total Space | 386,76 Gb Free Space | 83,04% Space Free | Partition Type: NTFS

Computer Name: PC-OBYVAK | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0899B6AC-523F-460E-80CC-09E567B7CDA1}" = rport=139 | protocol=6 | dir=out | app=system |
"{11760944-8E0A-4C43-B7DE-78F9F6EFD4A9}" = lport=445 | protocol=6 | dir=in | app=system |
"{3559D8A6-0699-4347-809E-4C8F3AD6C3DF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{42FE191E-0C4C-4522-86ED-98350366B027}" = lport=139 | protocol=6 | dir=in | app=system |
"{46F54767-CABA-4BC6-BABC-A1FDB09FA734}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6105FFA4-9A4C-4D77-9019-2D061CC113C8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{650F2081-7C45-4562-A274-7F936AB6B637}" = lport=53000 | protocol=6 | dir=in | name=hpconnectedremoteservice.exe |
"{650FE9CB-1ECD-4ECE-A3A0-BB528F365881}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65E9C107-E7EC-4C70-A1C8-BC9806998345}" = lport=138 | protocol=17 | dir=in | app=system |
"{80995119-1AB1-4914-8364-AC9937912B06}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F743963-ACE9-4255-82C1-5D0222E7BE8E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A983D4AD-6D4B-4EA5-AF09-53ED5B7F4F62}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ABCD728B-7D81-42F9-910D-152138929F74}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B3E13737-E621-42FA-92F3-3EA13935DA08}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B41CEF5E-9061-45CF-837B-16E24109C009}" = rport=137 | protocol=17 | dir=out | app=system |
"{BC8987F2-780C-4911-B8D4-7B74CEECE03C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BD27ED5A-CC6E-4469-B9E2-0F6A6AD50F6E}" = lport=137 | protocol=17 | dir=in | app=system |
"{CEE5AD2D-C840-48FE-8A08-17501BFEB116}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD5687D4-33E3-4BE7-81CE-9D88DE306EFE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E10E60C8-567B-404A-9BC0-BF63AD4E94C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E30601AF-A7F2-46D4-BA34-0048AB97DA95}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF03EB70-D675-47F6-A400-F54D33C6E626}" = rport=138 | protocol=17 | dir=out | app=system |
"{F3FDBF6A-E422-4BB3-A0BD-7AF3C441AA65}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FBD02B42-EE01-4267-8E81-168F9870663E}" = lport=52000 | protocol=6 | dir=in | name=hpconnectedremoteuser.exe |
"{FBFB89D8-0AEE-4E6D-940E-6D997838FD19}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0544DF86-6667-47D5-B155-06A21CEF8095}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{0B46EBB3-DF14-4C5C-8E1A-15969AE438FE}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{0C015AFA-63A2-496D-9E99-2640598A2CF2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{17D83431-3091-4308-B9CB-ABA537222529}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{17F85623-B69B-40B8-8BCE-688836A45BC3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BF587BB-BF8A-4242-8086-A01F9C1F5EE2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1E40D3B2-90C8-4570-B730-A8F534FA8B40}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1EDD6413-F2B4-4F05-B4CC-6AC1BFFA39C1}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{228A8505-B72F-46B5-B3AA-E46C0D13EB68}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{286CCA85-2489-4510-B65D-E293CDA00EBB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2B06B8DB-8A63-411D-AF66-D849DF76BD36}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2D8D10CA-3123-4094-8D29-36A8C4D8AB0F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{2F2D2FD3-4B5D-435F-8AD0-F9C2BE90F9A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{30664458-FA87-4CEF-BE26-37FD4D9B20D3}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{32B49AA3-6B1D-4C7A-8DB0-D379A2EEB0EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{336AD5B1-4271-4D54-BB46-EB63E8AAB944}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{346864B4-F8EC-41C4-A3E0-BB8D72F53C4D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{384E8071-12DD-476D-8107-EA84E86F4952}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{394D05F3-DEFD-4C22-A115-0592C35F2808}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3F1B3089-A0DE-4FF8-80AD-2650542E5072}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3F1F9028-CF7F-4C41-833E-113FCA86FDF4}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{41B048DF-5C62-49CB-BAE3-C622247A4F90}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{41DCCD1C-A477-4588-9225-482B58B8C4FF}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{44B6BDD6-F626-467D-83C0-3D1E347BADA6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{44FDADB6-CBB4-496B-8E6F-E91070057EFF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{4E7EF48A-3CBB-44CA-9D15-AEDD35E6AEFC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{508D85B4-553B-4EFD-AE91-0BF644F3D8B6}" = dir=out | name=kindle |
"{5151C865-C660-4F7B-BA39-597E2210ED61}" = protocol=58 | dir=in | app=system |
"{53070743-EEA5-42A3-A681-B447FC15FC12}" = protocol=6 | dir=in | app=c:\users\jirka\desktop\diablo iii\diablo iii.exe |
"{5534FB1A-3152-4F6C-AD9C-2E1A6179180E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5BD3D30C-167B-4722-AB5B-18B6154E8D7C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{5F4C9799-2505-48B0-A8A9-B7854AC9209D}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6060C615-91AD-4D89-B219-C99878A9604F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{6062F7E0-12E4-46FB-A51A-4EE66F60E43B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60E2823B-0904-40A0-8446-2FF1F8E32DA4}" = dir=out | name=skype |
"{64F0E014-8E26-4B18-8BEA-CEA499B3C1CD}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{67561FC3-4B19-40F6-8719-F1A6B81FB79F}" = dir=in | app=c:\users\jirka\appdata\local\tnt2\2.0.0.1702\tnt2user.exe |
"{6B8BF058-0EF3-4DB7-9E40-2F353011D59B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{70EF3A1D-9F44-4B97-A941-C7DEC1B4E8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{70F5E5B4-75E9-4A9F-BBFA-C9A73BF289D3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{71ADA01A-C474-424F-B307-60E1FB8B82B8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{7688EBCF-4A73-46B3-AE90-4DA9B3609F36}" = protocol=6 | dir=out | app=system |
"{7973918E-09ED-4BF2-A10B-C3DC693C2ACC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C08086F-2009-4E33-8D01-43E284B2EB42}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{812C241E-0E52-467A-A8A3-A4C54F9D9F6F}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{833875C4-0A25-4DAB-9845-E5DA0D59026A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{8416AB9C-411A-46F3-AE7C-59A6AEAF89E4}" = dir=out | name=getting started with windows 8 |
"{8AB90858-A1CF-4B03-A47E-7D33A631EA5A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9190D24B-E355-4A24-A711-A6C662017C28}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{952410E1-4068-44CD-A593-46286A2CC069}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9BE13B0A-5B18-46D2-A5F6-897618343998}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9CDB1B86-26E0-4E37-8E73-1FA3C105EDD0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9DA58A35-B4C0-4375-BB9A-87D59C8A479A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A370094D-3B6F-49D2-B447-E190D52ECC81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{A48E2B9C-1490-4885-B550-0618F3BABC96}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{A7F7CDF2-7548-4000-9E26-C21AD34424BC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{AB8DCEFE-7649-4011-9487-5E1E28D3833A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ACE1EEAC-D0C1-46F8-8690-919A1C70AB08}" = dir=out | name=hp registration |
"{B34867F3-F3B9-41EC-8EC4-234F74D3C827}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BA8FE043-A9C9-4350-8A71-B11F0421E39E}" = dir=out | name=norton studio |
"{BC45A97A-35D1-43D4-98EB-2108D34563B3}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BC7F0884-3EA2-4306-8736-301CA6292D15}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C2F0F9F7-4593-4116-AE07-9627C92A5B2B}" = dir=in | name=skype |
"{C81776F7-5E30-4BD3-80CB-B0B8DDE3B020}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CAA53792-E214-4FA9-A64B-40B0A588BC15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CB676110-4C33-4CBF-8E63-ED1F7A80AC93}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CE2D8ED4-7BDF-4C79-A03F-3F85A5FC7301}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{CE56AA7D-4733-48CE-848B-CAA18CDFE1F9}" = dir=out | name=@{microsoft.bingfinance_2.0.0.300_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{CE69872A-BF42-42E9-BA48-267316EDD26C}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{CF01DA29-13A8-48F3-A87F-00DB82E2B90B}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D1F8B073-3797-4AFF-A5FC-C60B33B67FC7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{D95CA564-8C22-476F-BAB4-DE0229DAD491}" = protocol=17 | dir=in | name=hpconnectedremoteservice.exe |
"{E2247B97-4555-4983-B067-C6FCC482460D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E82FA000-E743-43B8-95E1-3E8DFBB8E1D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE46FFB7-A08B-48B8-AF43-825AFCAA7E7D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{EEB316D0-8A38-47B3-BD41-9B5ABD9A1D38}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EF553126-1D93-4C30-B2EE-62005EBD1A8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{F0E3E2CE-2DD8-4F6A-AE73-822B6174298A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F89FA44D-A5EA-4252-AFDC-8277827C4760}" = protocol=17 | dir=in | app=c:\users\jirka\desktop\diablo iii\diablo iii.exe |
"{FC2AB50B-2014-4541-A765-8F1A4D501F7A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{FD6365CB-60CF-4BB7-98FE-DDA36C4FBC32}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"TCP Query User{2450C97F-8BBD-4C2A-AC0D-DDF6636D465E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{35733738-B69A-4676-80C0-2508681A6303}C:\program files (x86)\quadcorem2\pack\core.bin" = protocol=6 | dir=in | app=c:\program files (x86)\quadcorem2\pack\core.bin |
"TCP Query User{4EEF4DA7-F860-40D7-B246-058D1F481D3D}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{5139E4E1-5D7A-4F49-B858-6EBDA0BD1E10}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{7391EA00-FCBB-4179-8FED-54E36F5F1EEB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{8101FBA5-0F2C-4EB1-805D-86A4B433E0EA}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{87A1E04B-4012-474D-946F-909DA21F3767}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{89B23F15-3B71-4547-96D1-02905A8E83E6}C:\program files (x86)\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\assassin's creed brotherhood\acbsp.exe |
"TCP Query User{8FEDEEB3-759B-4818-B2FA-0232615F7395}C:\users\jirka\desktop\projekty o konci světa\nesahat\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\users\jirka\desktop\projekty o konci světa\nesahat\diablo iii\diablo iii.exe |
"TCP Query User{A44AE844-FB6F-4A94-8465-8745A644872F}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{C7BE8FAA-E84E-4326-8F87-B21F1E51FBF4}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{D4B17CDD-C6A3-46DD-81C4-A75A9A3CE966}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{F17FC982-4669-423A-AE9F-7A64FA1F43C6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{02D07209-A801-4FF7-A011-EE028B22D270}C:\users\jirka\desktop\projekty o konci světa\nesahat\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\users\jirka\desktop\projekty o konci světa\nesahat\diablo iii\diablo iii.exe |
"UDP Query User{0EA009CA-E679-4E12-9ED4-08A473E439D3}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{239A0453-8B0C-40A2-B93E-1702EDFCB2BC}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{25F412E0-BD86-47FF-9DA3-F3B7B72011A2}C:\program files (x86)\quadcorem2\pack\core.bin" = protocol=17 | dir=in | app=c:\program files (x86)\quadcorem2\pack\core.bin |
"UDP Query User{39F6E60A-F163-417A-8901-1ADF99DBD38C}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{48BD157D-6410-4E9A-9034-9B6233E3370A}C:\program files (x86)\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\assassin's creed brotherhood\acbsp.exe |
"UDP Query User{53FE5753-E764-418C-8062-A0BF3DC41DB9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{BCE30026-F383-441C-8A0E-9A637862A77B}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{C9B4B938-1E3C-4201-BBDC-B394FF12C482}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{C9FCE460-2168-44A3-8184-B69646FA56D2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{DA67C402-FADB-4529-830E-C22FA9366096}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DBAD213D-5302-4C94-9B3A-EDDF19CDABFE}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{E2428554-6299-4CED-B1F9-C15AB63F3A46}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F0C6AE7-8930-C5E2-7FB8-40026B03F760}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BF821093-CFD3-EC1B-B357-6817EE34E5C7}" = AMD Catalyst Install Manager
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"Rolimno" = Rolimno 3.0.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10145271-3F76-583D-AAAD-02753E604CCE}" = CCC Help Norwegian
"{101F30DF-3204-473B-A0DD-037A53983DEA}" = QuadcoreM2
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{15F32C36-CE5C-F1AE-4D05-B9E5D45F5EBF}" = CCC Help German
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CC2AD85-22B6-BBDB-89E0-EED44752E373}" = CCC Help Finnish
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21453396-C635-2129-F0C5-D806E4D41A1C}" = CCC Help Thai
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2CDAA653-8AEE-ACB0-3135-491ECA3CA5CA}" = Catalyst Control Center Profiles Desktop
"{3199A409-EE9A-E445-2270-5789FB461DA9}" = HydraVision
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3EE8F72F-11B5-765E-241C-CD628B47F5A6}" = CCC Help Spanish
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{42CA986E-1D63-B863-2E57-66CF1BA1ECEF}" = CCC Help Polish
"{42EBEC32-7E26-20BB-F73B-054006D8924D}" = CCC Help Korean
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1" = Connected Music powered by Universal Music Group version 1.0
"{47EBDD27-FE2E-D66F-3F09-D6469722F494}" = CCC Help Swedish
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{551936D3-AE34-71C6-B7E0-9EF4E682BBC4}" = Catalyst Control Center Localization All
"{558A2927-95BC-37CA-E790-A043C6EEA064}" = CCC Help Portuguese
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{630ABFFB-07A7-D193-D66A-B541D71EC5BA}" = CCC Help Chinese Standard
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D9C5F89-1DAA-4909-9C8A-7681C0CFC3F3}" = CCC Help English
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72352719-A3A8-8977-72DD-8D41BD6F92BB}" = CCC Help Czech
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A45C856-CF3A-9E2C-D240-852C9A972C97}" = CCC Help Danish
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{890ABC27-DD36-0A12-55D4-8ED73CF2B72E}" = CCC Help Italian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E2D9681-5050-D714-E3EE-E1D27C38ABB1}" = CCC Help French
"{8F5FEF49-4F33-DF60-5697-A408C1ED0447}" = CCC Help Russian
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93B21E92-387A-46AD-81A2-B867C9D5D175}" = Catalyst Control Center - Branding
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{993A144A-1119-0FBF-F157-EF9415CB23B7}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0516FEE-EDF3-165D-7DD5-5BC71D51DBE6}" = CCC Help Hungarian
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5456457-4504-CA3B-A028-0B0D432CEE7E}" = CCC Help Turkish
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A6D8170D-15FB-1737-1F5A-DB09CF985F50}" = Catalyst Control Center Graphics Previews Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7646-CE0000000001}" = Adobe Reader 6.0 CE
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B344FEB6-6C65-A66B-A306-AE83CC8F029B}" = CCC Help Japanese
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{BB7F8847-028B-366C-3BC4-BA3BC65A6D36}" = Catalyst Control Center
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CAD7A104-AF07-B099-BDD7-FBB93490D34A}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2344159-7CCE-E12A-BC17-C95AD1C58559}_is1" = Uplink Hacker Elite (full game ) version for Windows
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7DA3C85-8B10-49E6-8D4E-94198829504E}_is1" = Assassin's Creed Brotherhood verze 1.03
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2A3910B-30EC-1462-7C2E-A1C2365ABD73}" = CCC Help Chinese Traditional
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F243A34B-AB7F-4065-B770-B85B767C247C}" = HP Connected Remote
"{F2BCB229-F472-D13A-3F75-19AF40051262}" = CCC Help Dutch
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF27F674-821E-4BA2-985B-DDF539C2CD03}" = HP Support Assistant
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Fraps" = Fraps (remove only)
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"League of Legends 3.0.0" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Minecraft1.6.2" = Minecraft1.6.2
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"QuadcoreM2 1.12.2012" = QuadcoreM2
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"Steam" = Steam
"Steam App 218230" = PlanetSide 2
"Steam App 440" = Team Fortress 2
"TeamViewer 8" = TeamViewer 8
"Uplink" = Uplink
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PlayPickle" = Play Pickle Games Console
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24. 2. 2014 13:47:22 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:47:37 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:47:52 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:48:07 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:48:22 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:48:37 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:48:52 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:49:07 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:49:22 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 24. 2. 2014 13:49:37 | Computer Name = PC-obyvak | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

[ System Events ]
Error - 19. 2. 2014 11:19:09 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 19. 2. 2014 11:19:16 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 19. 2. 2014 12:55:43 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 19. 2. 2014 13:10:26 | Computer Name = PC-obyvak | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 19. 2. 2014 13:10:26 | Computer Name = PC-obyvak | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 19. 2. 2014 14:55:36 | Computer Name = PC-obyvak | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 19. 2. 2014 14:58:19 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 19. 2. 2014 14:58:25 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 19. 2. 2014 15:14:28 | Computer Name = PC-obyvak | Source = Schannel | ID = 36870
Description = Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo
k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav
interní chyby je 10001.

Error - 20. 2. 2014 15:09:17 | Computer Name = PC-obyvak | Source = volsnap | ID = 393230
Description = Stínové kopie svazku C: byly přerušeny kvůli selhání V/V operace.
ve svazku C:.

< End of report >

#25 Příspěvek od **Márty84** » 24 úno 2014 19:30

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\ProgramData\McAfee
C:\ProgramData\Norton

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{3151DFA6-4D86-4672-85F2-0BD51A7FFFC3}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... trgb=IE&q={searchTerms}&psv=barid%253D%257B148936F5%252D0842%252D11E3%252DBE93%252D24BE0525F303%257D%2526cargo%253DCME%252DV7%2526spr%253Da
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{4C1C039E-0DFF-422D-B41F-E05B16999499}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{92066D58-4E73-44FE-9CF4-DB282DC68BA3}: "URL" = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=bef7544000000000000024be0525f303&affilt=3&r=93
IE - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\SearchScopes\{CFE35342-AF4B-4503-B73D-11453E0C7781}: "URL" = http://search.findwide.com/serp?guid={722AB15A-C70B-4689-9D64-79EF3E361340}&action=default_search&serpv=22&k={searchTerms}
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
O2:64bit: - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll File not found
O2:64bit: - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll File not found
O2:64bit: - BHO: (Sense) - {11111111-1111-1111-1111-110411821192} - C:\Program Files (x86)\Sense\Sense-bho64.dll File not found
O2:64bit: - BHO: (Shopper Pro) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro64.dll File not found
O3 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..\Toolbar\WebBrowser: (no name) - {BE8E6C58-482D-4525-B4EC-224EBB8087FF} - No CLSID value found.
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]
[2 \$Windows.~BT\Sources\*.tmp files -> \$Windows.~BT\Sources\*.tmp -> ]
@Alternate Data Stream - 21 bytes -> \Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\APEX_Loader_x86.dll:crc

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Gladiator91 · #26 Příspěvek od **Gladiator91** » 24 úno 2014 19:41

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: hedev
->Temp folder emptied: 0 bytes

User: Jirka
->Temp folder emptied: 69789 bytes
->Temporary Internet Files folder emptied: 69115027 bytes
->Java cache emptied: 8171650 bytes
->Google Chrome cache emptied: 350559386 bytes
->Flash cache emptied: 1233 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49631 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 186858 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 408,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: hedev

User: Jirka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS folder moved successfully.
C:\ProgramData\McAfee folder moved successfully.
C:\ProgramData\Norton\{B7B64E4E-97E8-48AA-AF62-F11B5FF9819D}\6EDEDD3DAAE023CDFE89872EDB833186 folder moved successfully.
C:\ProgramData\Norton\{B7B64E4E-97E8-48AA-AF62-F11B5FF9819D} folder moved successfully.
C:\ProgramData\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963} folder moved successfully.
C:\ProgramData\Norton\LocalDumps folder moved successfully.
C:\ProgramData\Norton\00000082\0000012c\00000664 folder moved successfully.
C:\ProgramData\Norton\00000082\0000012c folder moved successfully.
C:\ProgramData\Norton\00000082 folder moved successfully.
C:\ProgramData\Norton folder moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3151DFA6-4D86-4672-85F2-0BD51A7FFFC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3151DFA6-4D86-4672-85F2-0BD51A7FFFC3}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BDAFDEC-13F7-4508-968A-BD0C441C45B7}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4C1C039E-0DFF-422D-B41F-E05B16999499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C1C039E-0DFF-422D-B41F-E05B16999499}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{92066D58-4E73-44FE-9CF4-DB282DC68BA3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92066D58-4E73-44FE-9CF4-DB282DC68BA3}\ not found.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFE35342-AF4B-4503-B73D-11453E0C7781}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFE35342-AF4B-4503-B73D-11453E0C7781}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{434D452D-5637-006A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{434D452D-5637-006A-76A7-7A786E7484D7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BE8E6C58-482D-4525-B4EC-224EBB8087FF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE8E6C58-482D-4525-B4EC-224EBB8087FF}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4AD4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD270.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1E7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD43D.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDEC4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE068.tmp folder deleted successfully.
C:\windows\Installer\MSI5939.tmp deleted successfully.
C:\windows\Installer\MSIA28E.tmp deleted successfully.
C:\windows\Panther\_s_6CD6.tmp deleted successfully.
C:\windows\Panther\_s_6F0A.tmp deleted successfully.
\$Windows.~BT\Sources\_s_1136.tmp deleted successfully.
\$Windows.~BT\Sources\_s_A33D.tmp deleted successfully.
ADS \Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc deleted successfully.
ADS \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\wws_crashreport_uploader.exe:crc deleted successfully.
ADS \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc deleted successfully.
ADS \Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\APEX_Loader_x86.dll:crc deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311281150}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 02242014_193822

Files\Folders moved on Reboot...
C:\Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\windows\temp\UploadUI.log moved successfully.
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#27 Příspěvek od **Márty84** » 24 úno 2014 19:46

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

Gladiator91 · #28 Příspěvek od **Gladiator91** » 26 úno 2014 08:36

Dneska večer dodělám

bylo hodně práce

#29 Příspěvek od **Márty84** » 26 úno 2014 19:03

Gladiator91 · #30 Příspěvek od **Gladiator91** » 27 úno 2014 19:43

Odinstalováno a všechno šlape jak má

mockrát děkuji

VIRY.CZ

Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC

Re: Kontrola PC