mncdaous.exe + frequent virus blocks by Avast

#1 Post by Andy23 »

Hello,
in the last few days I installed some dubious software, and since then Avast has occasionally reported that it blocked something. For example, at the last startup iexplorer asked about setting the default browser (without my having launched it), and at the next startup Avast reported iexplorer as infected. Another problem that appeared at the same time: when the PC starts, a message pops up saying "program mncdaous.exe has stopped working", which is probably a remnant of some virus that Avast tried to destroy. I have a powerful tower PC, but even so I notice a drop in performance.

Thanks for checking the RSIT log and for helping with the problems,
Andy23

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ondra at 2014-02-25 10:46:41
Microsoft Windows 7 Ultimate
System drive C: has 29 GB (26%) free of 114 GB
Total RAM: 16334 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:49, on 25.2.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe
D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
D:\Program Files (x86)\uTorrent\uTorrent.exe
D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
D:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Super-Charger] D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BCSSync] "D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncdaousSrv] C:\Windows\inf\mncdaous.vbe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Copy] "C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [FMCore.exe] "C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe" -standalone
O4 - HKCU\..\Run: [OfficeSyncProcess] "D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: ControlCenter.exe – zástupce.lnk = C:\Program Files (x86)\MSI\ControlCenter\ControlCenter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\extensis\extensis suitcase 11\bonjour\mdnsnsp.dll' missing
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: SCP DS3 Service (Ds3Service) - Scarlet.Crush Productions - D:\Stažené soubory\SCP-DS3-Driver-Package-1.1.0.136 (1)\ScpServer\bin\ScpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSISleep - Unknown owner - C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
O23 - Service: MSI_SuperCharger - MSI - D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 14859 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000488;000000000000048C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Program Files\AVAST Software\Avast\AvastSvc.exe"
/QuitInfo:0000000000000744;000000000000073C; /AddRef;
/QuitInfo:0000000000000740;000000000000074C;
"C:\Windows\system32\Dwm.exe"
/loadhooks /Parent:0000000000000748
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"D:\Stažené soubory\SCP-DS3-Driver-Package-1.1.0.136 (1)\ScpServer\bin\ScpService.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe"
"D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 2944
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 3520
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4077b9d4-a352-4a52-a25a-6abe5cb2cc2c -SystemEventPortName:HostProcess-3c1f38a8-fb09-4610-804b-1f9f7240917f -IoCancelEventPortName:HostProcess-13213c67-88bb-493a-994c-1fd05f7016e1 -NonStateChangingEventPortName:HostProcess-8ea9106a-0bb8-4e24-9b46-39f71066df1c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:17a106db-bbcf-4916-8b58-fe9c8ac5380c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"D:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe"
"D:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe" -standalone
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"D:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"D:\Program Files (x86)\iTunes\iTunesHelper.exe"
"D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=8900.18201d00.1485708952 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "D:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "D:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "D:\Program Files (x86)\Mozilla Firefox\browser" 260915DCF3A62DA7 8900 "\\.\pipe\gecko-crash-server-pipe.8900" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash7924.5B5EC768.4524 --host-broker-channel=Flash7924.5B5EC768.22481 --host-pid=7924 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=8084.0020F884.935764743 --proxy-stub-channel=Flash7924.5B5EC768.4524 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"D:\Stažené soubory\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-24 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-24 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05 422280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05 422280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-24 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05 330632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05 330632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-24 1390368]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-09-05 422280]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-24 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-09-05 330632]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-24 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"mylbx"=D:\Program Files\My Lockbox\mylbx.exe [2013-07-06 2584864]
"AutoKMS"=C:\Windows\AutoKMS.exe [2013-07-27 615936]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-01-21 1179576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2012-08-17 3345408]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128]
"AdobeBridge"= []
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
"Copy"=C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe [2014-02-10 15501968]
"Steam"=D:\Program Files (x86)\Steam\steam.exe [2014-02-20 1822400]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"FMCore.exe"=C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe [2013-08-25 10399232]
"OfficeSyncProcess"=D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
"uTorrent"=D:\Program Files (x86)\uTorrent\uTorrent.exe [2013-06-26 1045072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX125 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-05-13 659456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"Super-Charger"=D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-10-23 502328]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=D:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"BCSSync"=D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"iTunesHelper"=D:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-24 3767096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"LogMeIn Hamachi Ui"=D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-04 3813712]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2013-09-05 3478392]
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncdaousSrv"=C:\Windows\inf\mncdaous.vbe [2014-01-19 1342]

C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ControlCenter.exe – zástupce.lnk - C:\Program Files (x86)\MSI\ControlCenter\ControlCenter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "D:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2014-02-25 10:46:42 ----D---- C:\Program Files\trend micro
2014-02-25 10:46:41 ----D---- C:\rsit
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-20 16:06:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-20 16:06:57 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-20 16:06:56 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-20 16:06:56 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-19 13:58:29 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-02-19 13:58:29 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-02-19 13:58:28 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-02-19 13:58:28 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-02-19 13:58:28 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-02-19 13:58:19 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-02-19 13:58:19 ----A---- C:\Windows\system32\nvspcap64.dll
2014-02-19 13:58:02 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-02-19 13:58:02 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-02-19 13:58:02 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-02-19 01:38:47 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 months======

2014-02-25 10:46:43 ----D---- C:\Windows\Temp
2014-02-25 10:46:42 ----RD---- C:\Program Files
2014-02-25 10:45:17 ----D---- C:\Users\Ondra\AppData\Roaming\uTorrent
2014-02-25 10:42:38 ----D---- C:\Windows\System32
2014-02-25 10:42:38 ----D---- C:\Windows\inf
2014-02-25 10:42:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-25 10:38:18 ----D---- C:\Users\Ondra\AppData\Roaming\Copy
2014-02-25 10:37:13 ----D---- C:\Windows\system32\catroot2
2014-02-25 10:36:33 ----RD---- C:\Program Files (x86)
2014-02-25 10:34:55 ----D---- C:\Windows\SysWOW64
2014-02-25 10:33:57 ----SHD---- C:\System Volume Information
2014-02-25 10:19:13 ----A---- C:\Windows\SYSWOW64\zlib.dll
2014-02-25 01:46:57 ----D---- C:\Users\Ondra\AppData\Roaming\vlc
2014-02-24 16:44:13 ----D---- C:\Windows\system32\Tasks
2014-02-24 16:44:12 ----D---- C:\Windows
2014-02-24 16:44:12 ----A---- C:\Windows\system32\aswBoot.exe
2014-02-24 16:35:44 ----D---- C:\Windows\Prefetch
2014-02-22 15:56:41 ----D---- C:\Windows\system32\catroot
2014-02-22 03:14:18 ----D---- C:\Windows\system32\config
2014-02-20 16:09:36 ----D---- C:\ProgramData\NVIDIA
2014-02-20 16:09:34 ----D---- C:\Windows\Minidump
2014-02-20 16:08:34 ----D---- C:\Windows\system32\drivers
2014-02-20 16:08:29 ----D---- C:\Windows\system32\DriverStore
2014-02-20 16:07:08 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-20 14:31:23 ----RSD---- C:\Windows\Fonts
2014-02-19 13:58:39 ----D---- C:\ProgramData\NVIDIA Corporation
2014-02-19 13:58:20 ----D---- C:\Windows\Logs
2014-02-19 13:58:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-19 13:58:18 ----RSD---- C:\Windows\assembly
2014-02-19 13:58:04 ----RD---- C:\Users
2014-02-19 01:38:54 ----SHD---- C:\Windows\Installer
2014-02-17 20:49:12 ----D---- C:\Users\Ondra\AppData\Roaming\FEZ
2014-02-11 21:19:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-02-11 21:18:02 ----D---- C:\ProgramData\Adobe
2014-02-11 21:17:49 ----D---- C:\Program Files (x86)\Adobe
2014-02-11 21:12:31 ----D---- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2014-02-10 04:42:03 ----D---- C:\Users\Ondra\AppData\Roaming\Skype
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-02 207904]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-24 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-24 421704]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-26 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-24 78648]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-05-02 134944]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-05-02 403232]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-24 80184]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2013-04-30 14136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2013-12-29 121416]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\D:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 ScpVBus;Scp Virtual Bus Driver; C:\Windows\system32\DRIVERS\ScpVBus.sys [2013-05-19 39168]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2013-04-30 85304]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2012-12-20 15344]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-06-02 31920]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys []
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 netr28ux;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28ux.sys [2012-02-14 1547616]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RivaTuner64;RivaTuner64; \??\D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2013-06-27 19952]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-24 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Ds3Service;SCP DS3 Service; D:\Stažené soubory\SCP-DS3-Driver-Package-1.1.0.136 (1)\ScpServer\bin\ScpService.exe [2013-12-18 381952]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-04 2222416]
R2 MSI_SuperCharger;MSI_SuperCharger; D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-10-25 143416]
R2 MSISleep;MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-04-29 282624]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 WTabletServiceCon;Wacom Consumer Service; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2012-11-14 619904]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-20 569024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-18 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: mncdaous.exe + frequent virus blocks by Avast

#2 Post by Márty84 »

Hello :)


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the checkboxes Pro všechny uživatele (Scan All Users), Kontrola na havěť "LOP" (LOP Check) and Kontrola na havěť "Purity" (Purity Check).
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Prohledat (Run Scan).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#3 Post by Andy23 »

The scan is still running, but an OTL message popped up: Cannot create file C:/.../Desktop/cmd.bat

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#4 Post by Andy23 »

OTL logfile created on: 25.2.2014 16:31:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondra\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15,95 Gb Total Physical Memory | 10,90 Gb Available Physical Memory | 68,35% Memory free
31,90 Gb Paging File | 26,88 Gb Available in Paging File | 84,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 30,08 Gb Free Space | 26,93% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 22,59 Gb Free Space | 2,42% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 208,56 Gb Free Space | 22,39% Space Free | Partition Type: NTFS
Drive J: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 29,32 Gb Total Space | 9,99 Gb Free Space | 34,08% Space Free | Partition Type: FAT32

Computer Name: ONDRA-PC | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.25 12:32:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
PRC - [2014.02.24 16:44:10 | 003,767,096 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.02.24 16:44:10 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.02.20 00:07:34 | 001,822,400 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2014.02.20 00:07:34 | 000,569,024 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014.02.19 16:47:54 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.04 14:56:52 | 003,813,712 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.01.30 15:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014.01.21 03:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.01.21 03:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.09.05 15:04:16 | 003,478,392 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2013.08.25 13:44:52 | 010,399,232 | ---- | M] (Celartem, Inc., doing business as Extensis.) -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe
PRC - [2013.07.26 18:15:53 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013.07.06 14:10:22 | 002,584,864 | ---- | M] (FSPro Labs) -- D:\Program Files\My Lockbox\mylbx.exe
PRC - [2013.06.26 15:23:21 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- D:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013.04.29 10:12:20 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
PRC - [2012.12.07 16:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.10.25 19:30:38 | 000,143,416 | ---- | M] (MSI) -- D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012.10.23 08:54:10 | 000,502,328 | ---- | M] (MSI) -- D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2012.10.09 00:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2012.10.08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012.08.17 10:44:19 | 003,345,408 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
PRC - [2012.03.09 15:26:58 | 001,073,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
PRC - [2010.03.16 01:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE


========== Modules (No Company Name) ==========

MOD - [2014.02.25 10:37:11 | 001,175,040 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._core_.pyd
MOD - [2014.02.25 10:37:11 | 001,157,120 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_ssl.pyd
MOD - [2014.02.25 10:37:11 | 001,062,400 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._controls_.pyd
MOD - [2014.02.25 10:37:11 | 000,811,008 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._windows_.pyd
MOD - [2014.02.25 10:37:11 | 000,805,888 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._gdi_.pyd
MOD - [2014.02.25 10:37:11 | 000,735,232 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._misc_.pyd
MOD - [2014.02.25 10:37:11 | 000,712,192 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_hashlib.pyd
MOD - [2014.02.25 10:37:11 | 000,686,080 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\unicodedata.pyd
MOD - [2014.02.25 10:37:11 | 000,557,056 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\pysqlite2._sqlite.pyd
MOD - [2014.02.25 10:37:11 | 000,525,640 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\windows._lib_cacheinvalidation.pyd
MOD - [2014.02.25 10:37:11 | 000,364,544 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\pythoncom27.dll
MOD - [2014.02.25 10:37:11 | 000,320,512 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32com.shell.shell.pyd
MOD - [2014.02.25 10:37:11 | 000,128,512 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_elementtree.pyd
MOD - [2014.02.25 10:37:11 | 000,127,488 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\pyexpat.pyd
MOD - [2014.02.25 10:37:11 | 000,122,368 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._wizard.pyd
MOD - [2014.02.25 10:37:11 | 000,119,808 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32file.pyd
MOD - [2014.02.25 10:37:11 | 000,110,080 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\PyWinTypes27.dll
MOD - [2014.02.25 10:37:11 | 000,108,544 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32security.pyd
MOD - [2014.02.25 10:37:11 | 000,098,816 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32api.pyd
MOD - [2014.02.25 10:37:11 | 000,087,040 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_ctypes.pyd
MOD - [2014.02.25 10:37:11 | 000,070,656 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\wx._html2.pyd
MOD - [2014.02.25 10:37:11 | 000,044,032 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_socket.pyd
MOD - [2014.02.25 10:37:11 | 000,038,912 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32inet.pyd
MOD - [2014.02.25 10:37:11 | 000,035,840 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32process.pyd
MOD - [2014.02.25 10:37:11 | 000,026,624 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\_multiprocessing.pyd
MOD - [2014.02.25 10:37:11 | 000,025,600 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32pdh.pyd
MOD - [2014.02.25 10:37:11 | 000,024,064 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32pipe.pyd
MOD - [2014.02.25 10:37:11 | 000,022,528 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32ts.pyd
MOD - [2014.02.25 10:37:11 | 000,018,432 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32event.pyd
MOD - [2014.02.25 10:37:11 | 000,017,408 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32profile.pyd
MOD - [2014.02.25 10:37:11 | 000,011,264 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\win32crypt.pyd
MOD - [2014.02.25 10:37:11 | 000,010,240 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI50322\select.pyd
MOD - [2014.02.20 00:07:36 | 001,135,296 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014.02.19 16:47:53 | 003,578,992 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.02.11 03:34:30 | 000,751,616 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014.01.11 00:33:44 | 020,625,832 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014.01.07 02:41:27 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013.10.21 13:10:33 | 019,336,120 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.08.25 13:37:42 | 001,007,616 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\libxml2.2.6.24.dll
MOD - [2013.08.25 13:37:42 | 000,901,120 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\iconv-1.9.2.dll
MOD - [2013.08.25 13:37:42 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\libcharset.dll
MOD - [2013.07.26 18:15:53 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.04.21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.04.21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.09.23 20:44:22 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\cs_CZ\AcroTray.CZE
MOD - [2012.08.17 10:44:19 | 003,345,408 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
MOD - [2012.06.14 14:59:56 | 002,414,080 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2012.05.17 10:17:35 | 001,000,448 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2012.04.27 10:40:54 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_Wheel4D.dll
MOD - [2012.03.09 15:26:54 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
MOD - [2011.04.12 14:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.01.09 19:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 16:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.01 19:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 13:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 13:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ScrollbarControl.dll
MOD - [2010.06.30 13:03:14 | 000,051,512 | ---- | M] () -- D:\Program Files\My Lockbox\FSPFlt.dll
MOD - [2010.01.30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2014.01.21 03:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.06.06 18:31:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2012.11.14 13:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2012.05.04 14:40:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.11.30 12:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2009.09.14 04:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009.09.14 04:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.24 16:44:10 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.02.20 00:07:34 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.02.04 14:56:50 | 002,222,416 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.01.21 03:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.18 10:10:40 | 000,381,952 | ---- | M] (Scarlet.Crush Productions) [Auto | Running] -- D:\Stažené soubory\SCP-DS3-Driver-Package-1.1.0.136 (1)\ScpServer\bin\ScpService.exe -- (Ds3Service)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.06.18 15:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.29 10:12:20 | 000,282,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe -- (MSISleep)
SRV - [2012.12.07 16:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.10.25 19:30:38 | 000,143,416 | ---- | M] (MSI) [Auto | Running] -- D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2010.03.25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.24 16:44:12 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.24 16:44:12 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.02.24 16:44:12 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.02.24 16:44:12 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.02 14:16:09 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.29 23:54:50 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2013.12.27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.10.21 13:10:33 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.10.21 13:10:33 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.07.01 09:25:12 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.07.01 09:25:10 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013.06.26 15:52:17 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.06.02 03:56:58 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2013.05.19 08:02:50 | 000,039,168 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScpVBus.sys -- (ScpVBus)
DRV:64bit: - [2013.04.30 18:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013.04.30 18:18:10 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013.02.25 06:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.20 23:20:07 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012.12.07 17:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.05.02 11:31:56 | 000,403,232 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012.05.02 11:31:56 | 000,134,944 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012.02.16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.02.14 13:07:52 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011.11.13 13:31:16 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011.11.03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.11.28 21:50:38 | 000,044,672 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.07.22 16:13:28 | 000,054,848 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.02 17:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.06.27 10:26:34 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2012.11.09 09:49:14 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys -- (NTIOLib_MSISMB_CC)
DRV - [2012.10.25 18:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- D:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2012.02.14 11:32:16 | 000,013,328 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_2)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014.02.24 16:44:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014.02.11 21:18:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins

[2013.06.26 20:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Extensions
[2013.12.30 19:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\2c396gd3.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig/redirectdomain ... &bmod=ASUT
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - Extension: Media Hint = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.13_0\
CHR - Extension: Dokumenty Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Image Downloader = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Vyhledávání Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Vytvořit PDF = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0\
CHR - Extension: Kalendář Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: AdBlock = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: SoundCloud = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp\1_0\
CHR - Extension: Mapy Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: ČSFD Vyhledávač = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnomkaadjmphnfnjihfmdkabiahgjmfb\1.3_0\
CHR - Extension: Peněženka Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.06.27 01:02:34 | 000,002,810 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 40 more lines...
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [mylbx] D:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe (MSI CO.,LTD.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mncdaousSrv] C:\Windows\inf\mncdaous.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-18..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [FMCore.exe] C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe (Celartem, Inc., doing business as Extensis.)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OfficeSyncProcess] D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OscarX7Mouse5Mode] C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe ()
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [Steam] D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [uTorrent] D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.exe – zástupce.lnk = C:\Program Files (x86)\MSI\ControlCenter\ControlCenter.exe (MSI CO.,LTD.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C58651D-00F9-41D6-9ECF-8BEFE8C785A5}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70F20639-0F8A-4A41-8919-4E65AAA71160}: DhcpNameServer = 10.15.20.199 8.8.8.8
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.14 12:56:42 | 000,000,049 | -H-- | M] () - I:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013.06.25 12:11:51 | 000,000,050 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{13ff077e-de6a-11e2-a6d4-d43d7e9c8416}\Shell - "" = AutoRun
O33 - MountPoints2\{13ff077e-de6a-11e2-a6d4-d43d7e9c8416}\Shell\AutoRun\command - "" = J:\Setup.exe -- [2013.11.13 21:05:43 | 001,681,225 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.02.25 12:32:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2014.02.25 10:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.25 10:46:41 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.20 16:06:57 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.20 16:06:57 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.20 16:06:57 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.20 16:06:57 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.20 16:06:57 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.20 16:06:57 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.20 16:06:57 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.20 16:06:57 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.20 16:06:57 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.20 16:06:57 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.20 16:06:57 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.20 16:06:57 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.20 16:06:57 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.20 16:06:57 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.20 16:06:57 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.20 16:06:57 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.20 16:06:57 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.20 16:06:57 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.20 16:06:57 | 000,832,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.20 16:06:57 | 000,483,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.20 16:06:57 | 000,408,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.20 16:06:57 | 000,378,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.20 16:06:57 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.20 16:06:57 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.20 16:06:57 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.20 16:06:57 | 000,148,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.20 16:06:56 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.20 16:06:56 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.19 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\NVIDIA Corporation
[2014.02.19 13:58:29 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014.02.19 13:58:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014.02.19 13:58:28 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014.02.19 13:58:28 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014.02.19 13:58:28 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014.02.19 13:58:19 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.02.19 13:58:19 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.02.19 13:58:02 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.02.19 13:58:02 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.02.19 13:58:02 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.02.19 01:38:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.02.05 22:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

========== Files - Modified Within 30 Days ==========

[2014.02.25 15:37:03 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.25 13:37:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.25 12:37:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.25 12:32:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2014.02.25 10:43:57 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.25 10:43:57 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.25 10:42:38 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.25 10:42:38 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.25 10:42:38 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.25 10:42:38 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.25 10:42:38 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.25 10:38:21 | 000,001,259 | ---- | M] () -- C:\Users\Ondra\rgmnr
[2014.02.25 10:36:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.25 10:36:34 | 4255,252,478 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.25 10:19:13 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2014.02.24 16:44:29 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.24 16:44:12 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.24 16:44:12 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014.02.24 16:44:12 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.24 16:44:12 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.02.24 16:44:12 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.24 16:44:11 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.21 19:39:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.20 16:09:43 | 005,194,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.02.19 12:11:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014.02.19 12:11:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014.02.11 21:18:58 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014.02.08 19:34:51 | 031,432,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.08 19:34:51 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.08 19:34:51 | 023,683,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.08 19:34:51 | 018,257,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.02.08 19:34:51 | 017,715,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.08 19:34:51 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.08 19:34:51 | 015,740,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.08 19:34:51 | 014,669,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.02.08 19:34:51 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.08 19:34:51 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.08 19:34:51 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.08 19:34:51 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.08 19:34:51 | 003,142,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.08 19:34:51 | 003,090,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.02.08 19:34:51 | 002,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.08 19:34:51 | 002,782,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.08 19:34:51 | 002,713,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.02.08 19:34:51 | 002,410,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.08 19:34:51 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.08 19:34:51 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.08 19:34:51 | 000,947,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.02.08 19:34:51 | 000,892,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.08 19:34:51 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.08 19:34:51 | 000,863,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.08 19:34:51 | 000,844,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.08 19:34:51 | 000,832,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.08 19:34:51 | 000,483,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.08 19:34:51 | 000,408,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.08 19:34:51 | 000,378,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.08 19:34:51 | 000,333,600 | ---- | M] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.08 19:34:51 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.08 19:34:51 | 000,148,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.08 19:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

========== Files Created - No Company Name ==========

[2014.02.25 12:37:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.24 16:35:43 | 000,001,259 | ---- | C] () -- C:\Users\Ondra\rgmnr
[2014.02.24 16:23:46 | 000,001,419 | --S- | C] () -- C:\Windows\SysWow64\msstp.vbe
[2014.02.20 16:06:57 | 000,333,600 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.19 12:11:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014.02.19 12:11:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014.02.11 21:18:58 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
[2014.02.11 21:18:58 | 000,002,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,055 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
[2014.02.11 21:18:58 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014.01.24 20:51:37 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2013.12.29 23:45:57 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013.12.29 23:30:47 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2013.12.29 23:30:47 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2013.12.29 23:30:47 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2013.12.29 14:59:52 | 000,012,005 | ---- | C] () -- C:\Users\Ondra\AppData\Roaming\alsoft.ini
[2013.09.15 15:58:05 | 000,000,098 | ---- | C] () -- C:\ProgramData\.ST160
[2013.09.15 15:57:59 | 000,000,010 | ---- | C] () -- C:\ProgramData\.F4G6EEC4-B493-3E31-C6BG-8C6C9B764D36
[2013.09.15 15:57:59 | 000,000,010 | ---- | C] () -- C:\Users\Ondra\AppData\Local\.C3F2FH85-G3D2-2F02-D5CH-7D3D8C553E56
[2013.08.28 20:21:49 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.07.29 10:01:47 | 000,000,014 | ---- | C] () -- C:\ProgramData\.ST150
[2013.07.27 01:07:06 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013.07.27 01:07:06 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.20 00:53:18 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.07.20 00:53:18 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.07.01 19:30:06 | 000,000,132 | ---- | C] () -- C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.06.29 08:26:07 | 000,000,010 | ---- | C] () -- C:\Users\Ondra\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30
[2013.06.29 08:26:07 | 000,000,010 | ---- | C] () -- C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96
[2013.06.27 17:56:03 | 000,000,017 | ---- | C] () -- C:\Users\Ondra\AppData\Local\resmon.resmoncfg
[2013.06.26 18:48:18 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.04 14:37:46 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.08.29 22:16:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Apowersoft
[2013.06.26 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ashampoo
[2013.07.25 17:17:06 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Autodesk
[2013.10.22 08:16:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\AVAST Software
[2013.09.06 18:05:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Braid
[2013.07.12 15:26:00 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014.02.25 16:21:31 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Copy
[2014.02.11 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2013.07.08 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Doublefine
[2013.07.07 18:05:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\EPSON
[2013.09.15 09:58:36 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Extensis
[2014.02.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\FEZ
[2013.11.30 16:00:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\GHISLER
[2014.01.15 16:26:50 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Gomo
[2013.07.06 22:02:01 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC
[2013.07.06 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2013.08.29 22:10:27 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorAllVideoDownloader
[2013.08.29 22:01:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorFreeVimeoDownloader
[2013.06.29 10:29:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MAXON
[2013.12.29 23:18:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MotioninJoy
[2013.08.28 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Opera Software
[2013.12.30 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Orbit
[2013.06.30 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Origin
[2013.06.30 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PACE Anti-Piracy
[2013.06.26 15:58:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PerformerSoft
[2013.12.29 23:32:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PowerUp Software
[2013.12.30 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ProgSense
[2013.08.30 12:03:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume
[2013.08.25 12:29:33 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Arena 4
[2013.09.15 09:33:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Avenue 4
[2014.01.15 18:46:54 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\SketchUp
[2013.06.27 02:09:58 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.31 12:01:39 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TeamViewer
[2013.10.31 14:38:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Trillian
[2013.08.30 11:55:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TroikaTronix
[2013.09.15 09:27:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TS3Client
[2013.07.14 16:54:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ubisoft
[2013.07.07 09:58:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Unity
[2014.02.25 16:38:28 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#5 Post by Andy23 »

OTL Extras logfile created on: 25.2.2014 16:31:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondra\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15,95 Gb Total Physical Memory | 10,90 Gb Available Physical Memory | 68,35% Memory free
31,90 Gb Paging File | 26,88 Gb Available in Paging File | 84,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 30,08 Gb Free Space | 26,93% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 22,59 Gb Free Space | 2,42% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 208,56 Gb Free Space | 22,39% Space Free | Partition Type: NTFS
Drive J: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 29,32 Gb Total Space | 9,99 Gb Free Space | 34,08% Space Free | Partition Type: FAT32

Computer Name: ONDRA-PC | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3959666384-1753593180-1987673547-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "D:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "D:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027344F4-1002-4D7B-855F-CF2A2FE521CD}" = lport=138 | protocol=17 | dir=in | app=system |
"{077DDF13-E01D-4CBF-AA1E-02B8C6FCBA92}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1148A54E-3B26-4911-95AA-AEA3EC2113BB}" = rport=139 | protocol=6 | dir=out | app=system |
"{35F0114E-83A8-4A2F-8469-B3B25E3C83D1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{479903BC-4CB1-4388-A638-6FB017270C09}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\outlook.exe |
"{5E65F22D-D68A-4902-8B46-03DFB9B1200C}" = lport=137 | protocol=17 | dir=in | app=system |
"{663F2E7B-DAEA-495F-BB94-E22ACEF29E96}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7DD520A7-6169-4BB4-BB21-A5CAF8FC5324}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81222A23-007C-4231-BF7F-A555EAF1272A}" = lport=445 | protocol=6 | dir=in | app=system |
"{84914D7D-523C-471D-A376-82DB4ED8F871}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{863E15A7-AF1F-476A-A2B2-F0CEAC3D49C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B6B8182-F933-4478-A0A2-8458343DE2D5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C208F86-5197-4851-B3D3-40C1FD29B727}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F7F1C64-CE3B-4D4B-87CE-280FDB458464}" = lport=139 | protocol=6 | dir=in | app=system |
"{95B5C01C-1681-42B4-B949-05981A867B20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D16796A-4225-4A02-BBE2-F1425A4DD922}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A98DF7B3-CAA5-408E-BBBF-AE8C24B8CD2E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B65C763D-ACDA-496F-A61D-202ECB934BE2}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{BF6A3FFC-220A-46AC-9A91-F4EE2AE890DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D4B7E253-1F45-43F7-B45A-34E41F3F79E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D50694F5-69A8-4EBF-B58B-37FC9C679A86}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D58F2B62-1E85-4022-9F84-3A0EC9CDBC24}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D616103E-44D3-4D86-9057-873C62048A9F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7699624-31AD-4C8B-89A8-40D46FA79BC7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D77BA55F-8997-43A2-A4D2-497F82B064E6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DADB179E-91C1-4C22-AF5B-B518AED1D54B}" = rport=137 | protocol=17 | dir=out | app=system |
"{E5B7C732-BD33-4DA0-B5F3-62B9F20ADFE4}" = rport=445 | protocol=6 | dir=out | app=system |
"{EDE4CE16-EB23-476A-9862-DDA0429FB1E5}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F2666F61-1FAD-4370-9E1E-E59467457A45}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F9106D74-B6D4-4F2F-A738-2EF6129E8F29}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FCE68E97-2029-43AD-BBC6-685A8042557E}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F6B617-5828-4827-A777-6D413A08003B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{04474BED-A327-4F06-86BE-869ECD2FE381}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{08E617E9-FC1B-40D3-AF69-F1B5CDE37530}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A842736-393F-4E10-BC82-69C8E1A19458}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B1BC75C-B816-42C9-A08B-3013CD12CFC1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{148668E0-D16B-4D24-A721-F85B949AA851}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{157AC0D0-C381-4F4E-B2A7-5DCAF287733C}" = protocol=6 | dir=in | app=d:\program files (x86)\utorrent\utorrent.exe |
"{177BD0EF-023A-460A-B0E8-17A985A2D0D6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1F35233D-604C-4F1B-999F-244C125282BE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2229B4F1-0BB1-4A01-A5A5-76BF733F5846}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{2C2B4EA9-511C-40C8-B6A4-8F30BBCE84DB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{2E8108C5-7219-486B-965E-063439EAADDB}" = protocol=6 | dir=in | app=d:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe |
"{2ED3A640-24E8-46E7-9544-0355C89C15B1}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{30E6D6D0-6A3D-4A8B-B3BE-058B20ED677A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{31F56CA7-699E-4344-9AA5-B2E8A23E9C81}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{3253E546-1DAE-4752-A633-0B22616299E9}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{359AEB6B-326C-4D63-A6A8-EEA7796951BF}" = protocol=6 | dir=in | app=d:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe |
"{35B3A812-9CD2-45A7-8789-EC841BDBDE23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C2C0BE8-4FE2-47B3-84DC-9A0C31C2AA4F}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{3D50DEB1-89C9-4765-88EB-36C5F5CC47AC}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\eflc\launcheflc.exe |
"{4161153B-8358-428C-9E03-A763498FAF58}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{42C1E149-6F2A-41B7-8921-C897D5AD1573}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{438C7614-8308-4BE4-AC30-80D307D94FAD}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{450A0738-A98F-4A42-880E-567B8DD424AE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4751E2D4-E4CF-41C3-9E61-7B0F40972E51}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4879B8FE-D37B-492E-9033-F3DF307C85BB}" = protocol=17 | dir=in | app=c:\program files (x86)\resolume arena 4.1.3\arena.exe |
"{4DC92114-229C-4BE8-9B9A-0C19B72773A6}" = protocol=17 | dir=in | app=k:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe |
"{53583EE4-3C57-4458-AD6D-6518AA4B5A45}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55F15E8D-C6C9-4232-ADCC-A780D793044B}" = protocol=17 | dir=in | app=d:\program files (x86)\utorrent\utorrent.exe |
"{5619E0E5-E488-41AD-826C-D7CC87D4DC5D}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{566585DE-EB7D-4527-A2B4-BC2BD84E37C4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{56955F29-9AFC-4645-9B0B-69858895C2F3}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office14\onenote.exe |
"{57A0C75E-57B9-4CA2-9685-F042BF25570A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{584C9E47-52B9-48CA-BF37-46CE71D2C958}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{58F371DA-065C-45DA-B5BA-7AD41DB9A05D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F9E9741-24C6-4EFE-A8E2-ECE1C7FC7890}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{61E6CB20-FA77-4B43-AF41-7BDFAF0DEC43}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{667DB248-B4F9-450B-9B9B-1087C5F947A2}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{69CD19A6-B6C7-4BCE-B33B-BD26133BC517}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6E740340-45F5-46D5-AA4A-87686F5DFA0B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71B6FDB7-FEA0-4786-84B4-096440A82F81}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7279DA7F-90BF-4C04-933A-81CB508FFEA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73352A7C-D06D-4EBD-B160-9853A4E1A9BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D1A503F-8013-4C4E-943B-3048CEAD8F65}" = protocol=6 | dir=in | app=k:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe |
"{7FE706DB-2A32-4D13-9FF0-AB05EABE0F26}" = protocol=17 | dir=in | app=d:\program files\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{82CE490A-580B-465E-9B73-6A60B210F021}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{84F3B85B-2DC9-4F68-ABAB-262D7BBBE907}" = protocol=6 | dir=in | app=d:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"{8B75A29A-6B04-4453-8EC2-1F85BCFF7FE5}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office14\groove.exe |
"{8CD3D103-2C08-437F-BB24-A1B4267DB080}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8CD683F3-5E56-489F-9C27-7AEFC99DFBB5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{8D2ACDD9-9EE2-4265-A735-F3EBC580BACE}" = protocol=6 | dir=in | app=c:\program files (x86)\resolume arena 4.1.3\arena.exe |
"{8F784FBA-5761-4DF1-AC99-FCA247533A39}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{90692BAD-A1F5-4071-B9F9-59C779287A9E}" = protocol=6 | dir=in | app=d:\program files\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{90FE7D09-FADB-470B-BD81-8CA5CF50DE33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{937A1D9C-EAC4-4F8D-B12B-DEE1376CA438}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{953EF99C-94C1-4012-90BB-1C5018AC9676}" = protocol=17 | dir=in | app=d:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"{984B4A9F-31E6-42B3-A713-D09385D48881}" = dir=in | app=c:\users\ondra\appdata\roaming\copy\copyagent.exe |
"{9A44C229-43F3-4EC7-A25A-B41D907A4A93}" = protocol=17 | dir=in | app=d:\program files\adobe\adobe indesign cs6\indesign.exe |
"{9AB89F0A-34F7-4A58-A49D-0534714EC669}" = protocol=6 | dir=out | app=system |
"{A36A0FB1-14AD-48C1-893C-B6A62FA8846E}" = protocol=6 | dir=in | app=d:\program files\adobe\adobe indesign cs6\indesign.exe |
"{A561C444-3020-4448-B07F-FCAE76566E9A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{A7CC2A86-1058-4739-81C1-90AE6E27C05D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{A7F68B36-3CD0-47EB-906A-C8714BDBF258}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B0C68C16-3473-4409-9588-E8927C404236}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B1B69F79-9299-4050-B3B1-8A170B47FA0F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{B35FD71E-8393-4229-B743-68D11F5E6E33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BDBD85F1-41E7-4EF8-B4B6-84707FC11F04}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{BE53AEB0-6197-4891-9F18-B29DE969C2C8}" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"{BF820D43-002C-43A4-878B-70B5D2615733}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFA78017-D808-48D9-9600-FB8DD381717A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C9639D5B-4AFF-4048-BC2D-405CAE6A18C2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB48231C-7219-4519-9B9C-FDA57C7B9228}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CEEE5A71-C783-4367-838F-105BA93FA315}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{CF05305A-366A-43FC-AE5E-BB532C5CC105}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CFAF5476-C5EF-4861-B79A-99F2F4BC72BB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D253E76B-48F1-4B24-B9DA-2583B0175509}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D31362E7-EBC1-49CD-B145-8C579F39FB01}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\eflc\launcheflc.exe |
"{D332872D-D21F-41B6-9E4F-49DFE00108A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D558A5B8-1EFF-45A9-8D69-63C3EF03031C}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D636CCBA-EF34-4F27-A89C-917D2C0F2F25}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D7222F3B-7FC7-4621-950F-853295ECDD4B}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{DCA2AAB3-3D39-40E4-827D-56BC0FCC08B3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{DE1FD38B-54F5-4CCC-B9AA-23BE9C628766}" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"{E182525B-57C9-4007-B4B2-9514F159B0CD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{E4994C2E-AA84-42A1-B0EB-2B0C76553A77}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5764462-292B-4100-93CF-766B6C706BBE}" = protocol=17 | dir=in | app=d:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe |
"{E65BBC59-BA2D-47E9-BC8C-454686CB24CE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E8824C53-737B-494B-A427-BF57AC19F1F4}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E9763F8D-45AE-4F11-8E07-1799F18CAEC8}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EAF1A38F-4E04-4EAF-BEEA-1F6032001874}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
"{F27B22C3-4829-4612-9129-E40259EDBF8E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F70C0AC0-7AED-463F-9AD0-42F2BB62D30D}" = protocol=17 | dir=in | app=d:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe |
"{FF3DC817-FBFC-4B8C-B835-4629E01C94BB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"TCP Query User{01A2A4E0-2128-4A3E-9B29-D748F812E1A1}C:\users\ondra\appdata\roaming\copy\copyagent.exe" = protocol=6 | dir=in | app=c:\users\ondra\appdata\roaming\copy\copyagent.exe |
"TCP Query User{1DF3479A-ABDE-4C7A-BA97-6BAFFA41981A}K:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe" = protocol=6 | dir=in | app=k:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe |
"TCP Query User{23D61FA9-867F-4C3F-A048-3BFAC9BD4991}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"TCP Query User{25BF8868-DBE8-41FE-98EA-6B0490ACA27B}D:\program files (x86)\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\eflc\eflc.exe |
"TCP Query User{416B7276-615B-424F-99FC-A0BE2DD90A28}D:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe" = protocol=6 | dir=in | app=d:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe |
"TCP Query User{421BEAB0-137A-40B2-921B-A0CEF8E587F2}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{6030269A-B94A-4166-88B2-765FAC522898}D:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe" = protocol=6 | dir=in | app=d:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"TCP Query User{61BF861D-638E-4C2B-9450-1BD4663CBE0E}C:\program files (x86)\resolume arena 4.1.3\arena.exe" = protocol=6 | dir=in | app=c:\program files (x86)\resolume arena 4.1.3\arena.exe |
"TCP Query User{66F54743-18D7-4DEC-AA00-54BF758566C8}D:\program files\adobe\adobe indesign cs6\indesign.exe" = protocol=6 | dir=in | app=d:\program files\adobe\adobe indesign cs6\indesign.exe |
"TCP Query User{70BFFD13-1DCB-4B54-98F3-0C912DD45843}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"TCP Query User{7583EB25-4414-4DF5-860D-45492019395C}D:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"TCP Query User{7D327F57-0A64-4CAF-B95A-28A1F8300F61}D:\stažené soubory\broken age\brokenage.exe" = protocol=6 | dir=in | app=d:\stažené soubory\broken age\brokenage.exe |
"TCP Query User{8D5D2890-EC07-48B2-87C7-F3181D4148C7}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{A96B42BF-D06D-4807-B76A-EF26B117D4BC}D:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"TCP Query User{BEC919F3-7BCF-431E-B08E-17A4208F59E2}D:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe" = protocol=6 | dir=in | app=d:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe |
"UDP Query User{0B659428-C501-4371-90C9-C358206A0D48}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{2F15368B-121A-41EE-A480-72D0E7F6D20D}D:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe" = protocol=17 | dir=in | app=d:\stažené soubory\lpmt_1.2.1_win_trial\lpmt.exe |
"UDP Query User{35A7B6BC-F94F-4436-88FB-DA9746115CA9}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"UDP Query User{3B889748-C4E0-40D2-8608-D6D711DE8804}D:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{469992FE-3EE3-489A-BE2A-4C32D34FC847}C:\users\ondra\appdata\roaming\copy\copyagent.exe" = protocol=17 | dir=in | app=c:\users\ondra\appdata\roaming\copy\copyagent.exe |
"UDP Query User{58C98CAC-93EF-4B96-85CF-C0E8CEB17F19}D:\program files\adobe\adobe indesign cs6\indesign.exe" = protocol=17 | dir=in | app=d:\program files\adobe\adobe indesign cs6\indesign.exe |
"UDP Query User{6B7C00E5-E253-43BA-9506-5B655011F191}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{6F6ED9DB-B73F-47B6-9765-2E711A9A6454}C:\program files (x86)\resolume arena 4.1.3\arena.exe" = protocol=17 | dir=in | app=c:\program files (x86)\resolume arena 4.1.3\arena.exe |
"UDP Query User{87E0ECC2-D5C8-48DC-BA48-656522F0DA01}D:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe" = protocol=17 | dir=in | app=d:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe |
"UDP Query User{A80A2CFC-B2F5-4EFF-A2AA-D51EA00E983F}D:\program files (x86)\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\eflc\eflc.exe |
"UDP Query User{AB2423D8-17FF-473A-8141-920DB5FB2825}D:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe" = protocol=17 | dir=in | app=d:\program files\adobe\adobe illustrator cs6 (64 bit)\support files\contents\windows\illustrator.exe |
"UDP Query User{C200BF30-4722-44BC-8402-44AE06F64EE5}D:\stažené soubory\broken age\brokenage.exe" = protocol=17 | dir=in | app=d:\stažené soubory\broken age\brokenage.exe |
"UDP Query User{ED21EB9F-0CC0-435C-83AE-DF1E22D23397}K:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe" = protocol=17 | dir=in | app=k:\portable programy\resolume avenue 4 portable\resolume avenue 4.0.0.exe |
"UDP Query User{FB9D7789-B628-4ACB-9C7E-9809B4235090}D:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"UDP Query User{FFDE5466-08B4-42EA-B814-AC5BED8D2314}D:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files (x86)\jdownloader\jre\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CEA94E0-E6F4-4F2D-AA98-D0EFD6833754}" = Corel Graphics - Windows Shell Extension 32 Bit
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{975290F7-01EE-6256-484A-EDD705037432}" = ccc-utility64
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}" = Corel Graphics - Windows Shell Extension
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B6294D78-AFAA-48DF-8243-B41902D7F236}" = CorelDRAW Graphics Suite X6 - CZ (x64)
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DD562794-C098-A1E5-66ED-10E8BD1C84C5}" = AMD Catalyst Install Manager
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{E94CF53A-B97F-DBCF-17F4-60AEECFC1A62}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7D10A5F-5584-43FD-A931-1CD2CD517AF2}" = Copy
"CCleaner" = CCleaner
"EPSON SX125 Series" = Odinstalace tiskárny EPSON SX125 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"My Lockbox_is1" = My Lockbox 2.9.9
"Pen Tablet Driver" = Bamboo
"Recuva" = Recuva
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VLC media player" = VLC media player 2.0.7
"vsfilter64_is1" = VSFilter 2.41.35 (d08a416) Nightly (64-bit)
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.0
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C7B34CC-3C7F-97F6-B989-1259B93E304F}" = CCC Help Turkish
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19ECB379-937F-4778-9B72-7522B66660AB}_is1" = TitulkyCom verze 1.003
"{1C63AA59-66B2-418C-BDF5-53A534DA5690}_is1" = Sothink SWF to Video Converter
"{1D437FD2-BEBA-294A-14B0-73DF88537625}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225E3607-953C-EFCF-84C5-727EBE431CAB}" = CCC Help Greek
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3567AA55-A730-4EFB-D419-C198EF9C3B51}" = CCC Help English
"{3C2379D2-337A-4FFA-9017-BDFB80EC0931}" = OSCAR Editor
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3EA29604-AB1F-00F7-AD0C-11FC133CE7C0}" = CCC Help Thai
"{443F2BDB-67B3-E0BF-0A8D-D1FC7A83FB1C}" = CCC Help Japanese
"{449DC4DE-157B-4CE5-685D-8A0ACCDAEE9F}" = CCC Help Chinese Standard
"{48624777-27AF-4045-93E5-5A3186D96781}" = Freeframe Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85401C-71E6-5487-F1C0-598C10E22D3B}" = CCC Help Spanish
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{501E43C9-C95D-8E8D-8D12-AA5FEFBA09EC}" = CCC Help Swedish
"{5600BE52-805C-4847-93F2-7921116ED0B3}" = OSCAR Editor
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1" = FEZ version 1.10
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6395030F-815F-0948-F166-73ECC57097E3}" = CCC Help Norwegian
"{69C610F3-4DEC-44C5-D142-E69217E88448}" = CCC Help Russian
"{6A4945F7-5B9C-6DDA-A08A-048816260309}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{777D5DD4-8BBC-EADA-B300-815B68F33D5F}" = CCC Help Finnish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1" = Ashampoo Burning Studio 6 FREE v.6.84
"{9243354A-3075-C91E-6E12-403D932B38E5}" = Catalyst Control Center InstallProxy
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2DD563-E1DD-920B-6E64-C057D4F080EB}" = CCC Help Hungarian
"{9D6D7292-8EA9-B5DD-9C10-D5B2937CFD84}" = CCC Help Italian
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A5B4707E-CFD3-A08F-ED69-C500D541EAEF}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1" = ControlCenter
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
"{B6700BBF-1153-FA04-FD0A-ADEF36C564E3}" = CCC Help Dutch
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B75BC01B-4586-43F8-9349-D250DB98F26F}" = SketchUp 2013
"{B8E7A402-AB25-F1EC-C21A-7E95F2BBDDB0}" = CCC Help Czech
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C4494248-6D52-4674-B8CF-9177EA3F92F8}" = HTC Sync
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2437C5C-2D8C-40D2-8059-689AD7239FA3}" = Intel(R) C++ Redistributables for Windows* on Intel(R) 64
"{D6116D91-A114-671F-D075-73B4154F7390}" = Catalyst Control Center
"{D87A50FE-11B3-3B70-77EB-E64570E82F9E}" = CCC Help French
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DF549E6D-193A-0EA3-7C90-F24B631CC2EB}" = CCC Help Portuguese
"{DF7ADC65-EBCE-97DA-4C8A-4F0BCF7C0E73}" = CCC Help Polish
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E78C80B9-B41A-42F7-87BC-FE7BFB647BEA}" = Extensis Suitcase Fusion 5
"{E796AA87-FE52-49A8-AD93-0236A9F87632}" = TP-LINK TL-WN727N Driver
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0F34B75-C634-8714-D226-9259FC1A7E92}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{FC53A2BD-6B34-C6FB-C3F4-9D8DC7ED5C92}" = CCC Help Chinese Traditional
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anno 2070 Deluxe_is1" = Anno 2070 Deluxe v2.0.7780.0
"Assassins Creed 4 Black Flag_is1" = Assassins Creed 4 Black Flag
"avast" = avast! Free Antivirus
"Botanicula_is1" = Botanicula
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"Faster Than Light_is1" = Faster Than Light version 1.0.2.8
"ffdshow_is1" = ffdshow v1.3.4500 [2013-01-06]
"FormatFactory" = FormatFactory 3.1.1
"Gomo 1.0.4" = Gomo 1.0.4
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Incredible Adventures Of Van Helsing_is1" = Incredible Adventures Of Van Helsing
"InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}" = X7 Oscar Editor
"InstallShield_{5600BE52-805C-4847-93F2-7921116ED0B3}" = Anti-Vibrate Oscar Editor
"IrfanView" = IrfanView (remove only)
"LIMBO" = LIMBO
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 16.0.1196.62" = Opera Stable 16.0.1196.62
"OscarX7Mouse5Mode" = 5-Mode Oscar Editor
"Paperless Converter_is1" = Paperless Converter version 9.07
"Paperless Printer_is1" = Paperless Printer version 5.3.0.3
"QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1" = Assassins Creed IV Black Flag Update v1.06
"Remember Me_is1" = Remember Me v1.0.1
"Resolume Arena 4.1.3_is1" = Resolume Arena 4.1.3
"Resolume DXV Codec 2.2_is1" = Resolume DXV Codec 2.2
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Sleeping Dogs_is1" = Sleeping Dogs verze 2.1.437044
"Sothink SWF to Video Converter_is1" = Sothink SWF to Video Converter
"SpeedFan" = SpeedFan (remove only)
"Steam App 570" = Dota 2
"Super Hexagon_is1" = Super Hexagon
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"The Cave (c) SEGA_is1" = The Cave (c) SEGA version 1
"Tombraider_is1" = Tombraider
"Uplay" = Uplay
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3959666384-1753593180-1987673547-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.2.2014 11:02:16 | Computer Name = Ondra-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 24.2.2014 11:35:09 | Computer Name = Ondra-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 24.2.2014 11:37:16 | Computer Name = Ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Název chybujícího modulu: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Kód výjimky: 0xc0000005 Posun chyby: 0x000483f3 ID chybujícího procesu:
0x1918 Čas spuštění chybující aplikace: 0x01cf317649f5ff78 Cesta k chybující aplikaci:
C:\Windows\inf\mncdaous\mncdaous.exe Cesta k chybujícímu modulu: C:\Windows\inf\mncdaous\mncdaous.exe
ID
zprávy: 89849781-9d69-11e3-acf6-d43d7e9c8416

Error - 24.2.2014 19:00:51 | Computer Name = Ondra-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 24.2.2014 19:00:51 | Computer Name = Ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Illustrator.exe, verze: 16.0.0.682, časové
razítko: 0x4f6e45b7 Název chybujícího modulu: dvaui.dll, verze: 6.0.0.0, časové
razítko: 0x4f6e3e47 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000041521 ID chybujícího
procesu: 0x18b0 Čas spuštění chybující aplikace: 0x01cf3186bc61c98c Cesta k chybující
aplikaci: D:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
Cesta
k chybujícímu modulu: D:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support
Files\Contents\Windows\dvaui.dll ID zprávy: 814e33b4-9da7-11e3-acf6-d43d7e9c8416

Error - 25.2.2014 5:20:01 | Computer Name = Ondra-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 25.2.2014 5:21:50 | Computer Name = Ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Název chybujícího modulu: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Kód výjimky: 0xc0000005 Posun chyby: 0x000483f3 ID chybujícího procesu:
0xd58 Čas spuštění chybující aplikace: 0x01cf320b025080a6 Cesta k chybující aplikaci:
C:\Windows\inf\mncdaous\mncdaous.exe Cesta k chybujícímu modulu: C:\Windows\inf\mncdaous\mncdaous.exe
ID
zprávy: 41642a2b-9dfe-11e3-8e4b-d43d7e9c8416

Error - 25.2.2014 5:37:54 | Computer Name = Ondra-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 25.2.2014 5:39:51 | Computer Name = Ondra-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Název chybujícího modulu: mncdaous.exe, verze: 0.0.0.0, časové razítko:
0x526b8bad Kód výjimky: 0xc0000005 Posun chyby: 0x000483f3 ID chybujícího procesu:
0x2704 Čas spuštění chybující aplikace: 0x01cf320d871375c5 Cesta k chybující aplikaci:
C:\Windows\inf\mncdaous\mncdaous.exe Cesta k chybujícímu modulu: C:\Windows\inf\mncdaous\mncdaous.exe
ID
zprávy: c5b76c3d-9e00-11e3-877e-d43d7e9c8416

Error - 25.2.2014 10:18:35 | Computer Name = Ondra-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro d:\program files (x86)\irfanview\Plugins\Riot.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady d:\program files (x86)\irfanview\Plugins\Riot.dll
na řádku 8. Hodnota atributu name v prvku file je neplatná.

[ System Events ]
Error - 24.10.2013 12:06:40 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 25.10.2013 3:54:42 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 25.10.2013 8:32:37 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 29.10.2013 12:43:15 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 30.10.2013 3:48:53 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 30.10.2013 12:03:08 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 30.10.2013 19:12:14 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 30.10.2013 19:13:08 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 30.10.2013 19:13:08 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 31.10.2013 4:44:45 | Computer Name = Ondra-PC | Source = Service Control Manager | ID = 7000
Description = Služba Bonjour Service neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: mncdaous.exe + frequent virus blocks by Avast

#6 Post by Márty84 »

I see the scan finished, but it ran without the text you were supposed to copy in.

So once more, following the same instructions, but with this modified script, where that error should no longer pop up.

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#7 Post by Andy23 »

Sorry about that :D the first time it froze, and with the new one I forgot the text -_-

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#8 Post by Andy23 »

Only one log was created:

OTL logfile created on: 27.2.2014 9:05:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondra\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15,95 Gb Total Physical Memory | 13,02 Gb Available Physical Memory | 81,64% Memory free
31,90 Gb Paging File | 28,82 Gb Available in Paging File | 90,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 29,49 Gb Free Space | 26,40% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 22,32 Gb Free Space | 2,40% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 208,57 Gb Free Space | 22,39% Space Free | Partition Type: NTFS
Drive J: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 29,32 Gb Total Space | 9,99 Gb Free Space | 34,08% Space Free | Partition Type: FAT32

Computer Name: ONDRA-PC | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.25 22:57:46 | 000,568,512 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014.02.25 22:57:44 | 001,821,888 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2014.02.25 12:32:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
PRC - [2014.02.24 16:44:10 | 003,767,096 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.02.24 16:44:10 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.02.19 16:47:54 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.04 14:56:52 | 003,813,712 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.01.30 15:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014.01.21 03:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.01.21 03:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.09.05 15:04:16 | 003,478,392 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2013.08.25 13:44:52 | 010,399,232 | ---- | M] (Celartem, Inc., doing business as Extensis.) -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe
PRC - [2013.07.26 18:15:53 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013.07.06 14:10:22 | 002,584,864 | ---- | M] (FSPro Labs) -- D:\Program Files\My Lockbox\mylbx.exe
PRC - [2013.06.26 15:23:21 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- D:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2013.04.29 10:12:20 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
PRC - [2012.12.07 16:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.10.25 19:30:38 | 000,143,416 | ---- | M] (MSI) -- D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012.10.23 08:54:10 | 000,502,328 | ---- | M] (MSI) -- D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2012.10.09 00:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2012.10.08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012.08.17 10:44:19 | 003,345,408 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
PRC - [2010.03.16 01:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE


========== Modules (No Company Name) ==========

MOD - [2014.02.27 08:58:27 | 000,805,888 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._gdi_.pyd
MOD - [2014.02.27 08:58:27 | 000,026,624 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_multiprocessing.pyd
MOD - [2014.02.27 08:58:26 | 001,157,120 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_ssl.pyd
MOD - [2014.02.27 08:58:26 | 001,062,400 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._controls_.pyd
MOD - [2014.02.27 08:58:26 | 000,811,008 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._windows_.pyd
MOD - [2014.02.27 08:58:26 | 000,712,192 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_hashlib.pyd
MOD - [2014.02.27 08:58:26 | 000,686,080 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\unicodedata.pyd
MOD - [2014.02.27 08:58:26 | 000,557,056 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\pysqlite2._sqlite.pyd
MOD - [2014.02.27 08:58:26 | 000,525,640 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\windows._lib_cacheinvalidation.pyd
MOD - [2014.02.27 08:58:26 | 000,320,512 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32com.shell.shell.pyd
MOD - [2014.02.27 08:58:26 | 000,128,512 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_elementtree.pyd
MOD - [2014.02.27 08:58:26 | 000,127,488 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\pyexpat.pyd
MOD - [2014.02.27 08:58:26 | 000,119,808 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32file.pyd
MOD - [2014.02.27 08:58:26 | 000,110,080 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\PyWinTypes27.dll
MOD - [2014.02.27 08:58:26 | 000,108,544 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32security.pyd
MOD - [2014.02.27 08:58:26 | 000,098,816 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32api.pyd
MOD - [2014.02.27 08:58:26 | 000,087,040 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_ctypes.pyd
MOD - [2014.02.27 08:58:26 | 000,070,656 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._html2.pyd
MOD - [2014.02.27 08:58:26 | 000,044,032 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\_socket.pyd
MOD - [2014.02.27 08:58:26 | 000,038,912 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32inet.pyd
MOD - [2014.02.27 08:58:26 | 000,035,840 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32process.pyd
MOD - [2014.02.27 08:58:26 | 000,025,600 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32pdh.pyd
MOD - [2014.02.27 08:58:26 | 000,024,064 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32pipe.pyd
MOD - [2014.02.27 08:58:26 | 000,022,528 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32ts.pyd
MOD - [2014.02.27 08:58:26 | 000,018,432 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32event.pyd
MOD - [2014.02.27 08:58:26 | 000,017,408 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32profile.pyd
MOD - [2014.02.27 08:58:26 | 000,010,240 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\select.pyd
MOD - [2014.02.27 08:58:25 | 001,175,040 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._core_.pyd
MOD - [2014.02.27 08:58:25 | 000,735,232 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._misc_.pyd
MOD - [2014.02.27 08:58:25 | 000,364,544 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\pythoncom27.dll
MOD - [2014.02.27 08:58:25 | 000,122,368 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\wx._wizard.pyd
MOD - [2014.02.27 08:58:25 | 000,011,264 | ---- | M] () -- C:\Users\Ondra\AppData\Local\Temp\_MEI47682\win32crypt.pyd
MOD - [2014.02.25 22:57:46 | 001,135,296 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014.02.19 16:47:53 | 003,578,992 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.02.11 03:34:30 | 000,751,616 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014.01.11 00:33:44 | 020,625,832 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014.01.07 02:41:27 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- D:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- D:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013.10.21 13:10:33 | 019,336,120 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.08.25 13:37:42 | 001,007,616 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\libxml2.2.6.24.dll
MOD - [2013.08.25 13:37:42 | 000,901,120 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\iconv-1.9.2.dll
MOD - [2013.08.25 13:37:42 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Extensis\Suitcase Fusion 5\libcharset.dll
MOD - [2013.07.26 18:15:53 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.04.21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.04.21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.09.23 20:44:22 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\cs_CZ\AcroTray.CZE
MOD - [2012.08.17 10:44:19 | 003,345,408 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
MOD - [2012.06.14 14:59:56 | 002,414,080 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2012.05.17 10:17:35 | 001,000,448 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2012.04.27 10:40:54 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_Wheel4D.dll
MOD - [2011.04.12 14:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.01.09 19:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 16:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.01 19:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 13:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 13:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\dll\DLL_ScrollbarControl.dll
MOD - [2010.06.30 13:03:14 | 000,051,512 | ---- | M] () -- D:\Program Files\My Lockbox\FSPFlt.dll
MOD - [2010.01.30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2014.01.21 03:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.06.06 18:31:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2012.11.14 13:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2012.05.04 14:40:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.11.30 12:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2009.09.14 04:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009.09.14 04:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.25 22:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.02.24 16:44:10 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.02.04 14:56:50 | 002,222,416 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.01.21 03:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.18 10:10:40 | 000,381,952 | ---- | M] (Scarlet.Crush Productions) [Auto | Running] -- D:\Stažené soubory\SCP-DS3-Driver-Package-1.1.0.136 (1)\ScpServer\bin\ScpService.exe -- (Ds3Service)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.06.18 15:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.29 10:12:20 | 000,282,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe -- (MSISleep)
SRV - [2012.12.07 16:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.10.25 19:30:38 | 000,143,416 | ---- | M] (MSI) [Auto | Running] -- D:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2010.03.25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.24 16:44:12 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.24 16:44:12 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.02.24 16:44:12 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.02.24 16:44:12 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.02 14:16:09 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.29 23:54:50 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2013.12.27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.10.21 13:10:33 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.10.21 13:10:33 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.07.01 09:25:12 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.07.01 09:25:10 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013.06.26 15:52:17 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.06.02 03:56:58 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2013.05.19 08:02:50 | 000,039,168 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScpVBus.sys -- (ScpVBus)
DRV:64bit: - [2013.04.30 18:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013.04.30 18:18:10 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013.02.25 06:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.20 23:20:07 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012.12.07 17:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.05.02 11:31:56 | 000,403,232 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012.05.02 11:31:56 | 000,134,944 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012.02.16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.02.14 13:07:52 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011.11.13 13:31:16 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011.11.03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.11.28 21:50:38 | 000,044,672 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.07.22 16:13:28 | 000,054,848 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.02 17:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.06.27 10:26:34 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2012.11.09 09:49:14 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys -- (NTIOLib_MSISMB_CC)
DRV - [2012.10.25 18:45:52 | 000,013,368 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- D:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2012.02.14 11:32:16 | 000,013,328 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_2)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014.02.24 16:44:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014.02.11 21:18:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins

[2013.06.26 20:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Extensions
[2013.12.30 19:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\2c396gd3.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig/redirectdomain ... &bmod=ASUT
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - Extension: Media Hint = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.13_0\
CHR - Extension: Dokumenty Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Image Downloader = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\
CHR - Extension: Vyhledávání Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Vytvořit PDF = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0\
CHR - Extension: Kalendář Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: AdBlock = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: SoundCloud = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp\1_0\
CHR - Extension: Mapy Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Kontrola e-mailu Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: ČSFD Vyhledávač = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnomkaadjmphnfnjihfmdkabiahgjmfb\1.3_0\
CHR - Extension: Peněženka Google = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.06.27 01:02:34 | 000,002,810 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 40 more lines...
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [mylbx] D:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe (MSI CO.,LTD.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mncdaousSrv] C:\Windows\inf\mncdaous.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] D:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-18..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [Copy] C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [FMCore.exe] C:\Program Files (x86)\Extensis\Suitcase Fusion 5\FMCore.exe (Celartem, Inc., doing business as Extensis.)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OfficeSyncProcess] D:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [OscarX7Mouse5Mode] C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe ()
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [Steam] D:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3959666384-1753593180-1987673547-1000..\Run: [uTorrent] D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ControlCenter.exe – zástupce.lnk = C:\Program Files (x86)\MSI\ControlCenter\ControlCenter.exe (MSI CO.,LTD.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Extensis\Extensis Suitcase 11\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C58651D-00F9-41D6-9ECF-8BEFE8C785A5}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70F20639-0F8A-4A41-8919-4E65AAA71160}: DhcpNameServer = 10.15.20.199 8.8.8.8
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.14 12:56:42 | 000,000,049 | -H-- | M] () - I:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013.06.25 12:11:51 | 000,000,050 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{13ff077e-de6a-11e2-a6d4-d43d7e9c8416}\Shell - "" = AutoRun
O33 - MountPoints2\{13ff077e-de6a-11e2-a6d4-d43d7e9c8416}\Shell\AutoRun\command - "" = J:\Setup.exe -- [2013.11.13 21:05:43 | 001,681,225 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.MP42 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MP43 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MPG4 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.02.25 12:32:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2014.02.25 10:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.25 10:46:41 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.20 16:06:57 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.20 16:06:57 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.20 16:06:57 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.20 16:06:57 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.20 16:06:57 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.20 16:06:57 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.20 16:06:57 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.20 16:06:57 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.20 16:06:57 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.20 16:06:57 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.20 16:06:57 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.20 16:06:57 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.20 16:06:57 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.20 16:06:57 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.20 16:06:57 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.20 16:06:57 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.20 16:06:57 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.20 16:06:57 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.20 16:06:57 | 000,832,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.20 16:06:57 | 000,483,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.20 16:06:57 | 000,408,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.20 16:06:57 | 000,378,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.20 16:06:57 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.20 16:06:57 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.20 16:06:57 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.20 16:06:57 | 000,148,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.20 16:06:56 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.20 16:06:56 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.19 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\NVIDIA Corporation
[2014.02.19 13:58:29 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014.02.19 13:58:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014.02.19 13:58:28 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014.02.19 13:58:28 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014.02.19 13:58:28 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014.02.19 13:58:19 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.02.19 13:58:19 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.02.19 13:58:02 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.02.19 13:58:02 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.02.19 13:58:02 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.02.19 01:38:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.02.05 22:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

========== Files - Modified Within 30 Days ==========

[2014.02.27 09:09:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.27 09:05:12 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.27 09:05:12 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.27 09:04:03 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.27 09:04:03 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.27 09:04:03 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.27 09:04:03 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.27 09:04:03 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.27 08:59:37 | 000,001,259 | ---- | M] () -- C:\Users\Ondra\rgmnr
[2014.02.27 08:58:23 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.27 08:58:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.27 08:57:59 | 4255,252,478 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.26 10:38:02 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.26 09:46:02 | 005,194,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.02.25 12:32:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2014.02.25 10:19:13 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2014.02.24 16:44:29 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.24 16:44:12 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.24 16:44:12 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014.02.24 16:44:12 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.24 16:44:12 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.02.24 16:44:12 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.24 16:44:11 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.21 19:39:12 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.19 12:11:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014.02.19 12:11:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014.02.11 21:18:58 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014.02.08 19:34:51 | 031,432,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.08 19:34:51 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.08 19:34:51 | 023,683,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.08 19:34:51 | 018,257,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.02.08 19:34:51 | 017,715,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.08 19:34:51 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.08 19:34:51 | 015,740,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.08 19:34:51 | 014,669,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.02.08 19:34:51 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.08 19:34:51 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.08 19:34:51 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.08 19:34:51 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.08 19:34:51 | 003,142,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.08 19:34:51 | 003,090,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.02.08 19:34:51 | 002,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.08 19:34:51 | 002,782,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.08 19:34:51 | 002,713,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.02.08 19:34:51 | 002,410,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.08 19:34:51 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.08 19:34:51 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.08 19:34:51 | 000,947,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.02.08 19:34:51 | 000,892,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.08 19:34:51 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.08 19:34:51 | 000,863,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.08 19:34:51 | 000,844,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.08 19:34:51 | 000,832,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.02.08 19:34:51 | 000,483,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.02.08 19:34:51 | 000,408,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.02.08 19:34:51 | 000,378,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.02.08 19:34:51 | 000,333,600 | ---- | M] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.08 19:34:51 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.02.08 19:34:51 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.02.08 19:34:51 | 000,148,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.02.08 19:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

========== Files Created - No Company Name ==========

[2014.02.25 12:37:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.24 16:35:43 | 000,001,259 | ---- | C] () -- C:\Users\Ondra\rgmnr
[2014.02.24 16:23:46 | 000,001,419 | --S- | C] () -- C:\Windows\SysWow64\msstp.vbe
[2014.02.20 16:06:57 | 000,333,600 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.02.19 12:11:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014.02.19 12:11:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2014.02.11 21:18:58 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
[2014.02.11 21:18:58 | 000,002,216 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014.02.11 21:18:58 | 000,002,055 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
[2014.02.11 21:18:58 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014.01.24 20:51:37 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2013.12.29 23:45:57 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013.12.29 23:30:47 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2013.12.29 23:30:47 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2013.12.29 23:30:47 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2013.12.29 14:59:52 | 000,012,005 | ---- | C] () -- C:\Users\Ondra\AppData\Roaming\alsoft.ini
[2013.09.15 15:58:05 | 000,000,098 | ---- | C] () -- C:\ProgramData\.ST160
[2013.09.15 15:57:59 | 000,000,010 | ---- | C] () -- C:\ProgramData\.F4G6EEC4-B493-3E31-C6BG-8C6C9B764D36
[2013.09.15 15:57:59 | 000,000,010 | ---- | C] () -- C:\Users\Ondra\AppData\Local\.C3F2FH85-G3D2-2F02-D5CH-7D3D8C553E56
[2013.08.28 20:21:49 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.07.29 10:01:47 | 000,000,014 | ---- | C] () -- C:\ProgramData\.ST150
[2013.07.27 01:07:06 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013.07.27 01:07:06 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.20 00:53:18 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.07.20 00:53:18 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.07.01 19:30:06 | 000,000,132 | ---- | C] () -- C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.06.29 08:26:07 | 000,000,010 | ---- | C] () -- C:\Users\Ondra\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30
[2013.06.29 08:26:07 | 000,000,010 | ---- | C] () -- C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96
[2013.06.27 17:56:03 | 000,000,017 | ---- | C] () -- C:\Users\Ondra\AppData\Local\resmon.resmoncfg
[2013.06.26 18:48:18 | 001,554,160 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.04 14:37:46 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.08.29 22:16:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Apowersoft
[2013.06.26 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ashampoo
[2013.07.25 17:17:06 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Autodesk
[2013.10.22 08:16:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\AVAST Software
[2013.09.06 18:05:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Braid
[2013.07.12 15:26:00 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014.02.27 08:59:33 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Copy
[2014.02.11 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2013.07.08 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Doublefine
[2013.07.07 18:05:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\EPSON
[2013.09.15 09:58:36 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Extensis
[2014.02.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\FEZ
[2013.11.30 16:00:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\GHISLER
[2014.01.15 16:26:50 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Gomo
[2013.07.06 22:02:01 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC
[2013.07.06 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2013.08.29 22:10:27 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorAllVideoDownloader
[2013.08.29 22:01:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorFreeVimeoDownloader
[2013.06.29 10:29:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MAXON
[2013.12.29 23:18:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MotioninJoy
[2013.08.28 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Opera Software
[2013.12.30 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Orbit
[2013.06.30 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Origin
[2013.06.30 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PACE Anti-Piracy
[2013.06.26 15:58:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PerformerSoft
[2013.12.29 23:32:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PowerUp Software
[2013.12.30 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ProgSense
[2013.08.30 12:03:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume
[2013.08.25 12:29:33 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Arena 4
[2013.09.15 09:33:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Avenue 4
[2014.01.15 18:46:54 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\SketchUp
[2013.06.27 02:09:58 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.31 12:01:39 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TeamViewer
[2013.10.31 14:38:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Trillian
[2013.08.30 11:55:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TroikaTronix
[2013.09.15 09:27:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TS3Client
[2013.07.14 16:54:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ubisoft
[2013.07.07 09:58:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Unity
[2014.02.27 09:13:44 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.06.26 15:07:20 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.26 15:07:20 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#9 Post by Andy23 »

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[16 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.17 14:59:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Adobe
[2013.08.29 22:16:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Apowersoft
[2013.08.13 12:03:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Apple Computer
[2013.06.26 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ashampoo
[2013.07.02 08:03:41 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ATI
[2013.07.25 17:17:06 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Autodesk
[2013.10.22 08:16:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\AVAST Software
[2013.09.06 18:05:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Braid
[2013.07.12 15:26:00 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014.02.27 09:18:36 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Copy
[2013.06.30 22:20:07 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Corel
[2014.02.11 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2013.07.08 14:34:41 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Doublefine
[2013.11.25 00:15:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\dvdcss
[2013.07.07 18:05:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\EPSON
[2013.09.15 09:58:36 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Extensis
[2014.02.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\FEZ
[2013.11.30 16:00:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\GHISLER
[2014.01.15 16:26:50 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Gomo
[2013.07.06 22:02:01 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC
[2013.07.06 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2013.06.26 11:01:07 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Identities
[2013.08.29 22:10:27 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorAllVideoDownloader
[2013.08.29 22:01:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\KastorFreeVimeoDownloader
[2013.06.26 15:15:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Macromedia
[2013.06.29 10:29:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MAXON
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Media Center Programs
[2013.12.09 17:28:57 | 000,000,000 | --SD | M] -- C:\Users\Ondra\AppData\Roaming\Microsoft
[2013.12.29 23:18:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MotioninJoy
[2013.06.26 20:20:21 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla
[2013.06.27 01:51:29 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\NVIDIA
[2013.08.28 00:03:04 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Opera Software
[2013.12.30 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Orbit
[2013.06.30 10:59:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Origin
[2013.06.30 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PACE Anti-Piracy
[2013.06.26 15:58:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PerformerSoft
[2013.12.29 23:32:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PowerUp Software
[2013.12.30 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ProgSense
[2013.12.30 19:57:08 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Real
[2013.08.30 12:03:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume
[2013.08.25 12:29:33 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Arena 4
[2013.09.15 09:33:42 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Resolume Avenue 4
[2013.07.03 18:18:25 | 000,000,000 | RH-D | M] -- C:\Users\Ondra\AppData\Roaming\SecuROM
[2014.01.15 18:46:54 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\SketchUp
[2014.02.10 04:42:03 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Skype
[2013.06.27 02:09:58 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.31 12:01:39 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TeamViewer
[2013.06.29 10:49:28 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TortoiseHg
[2013.10.31 14:38:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Trillian
[2013.08.30 11:55:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TroikaTronix
[2013.09.15 09:27:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TS3Client
[2013.07.14 16:54:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ubisoft
[2013.07.07 09:58:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Unity
[2014.02.27 09:18:50 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\uTorrent
[2014.02.26 00:46:16 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\vlc
[2013.06.26 16:29:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\WinRAR
[2013.08.08 04:25:22 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\WTablet

< %APPDATA%\*.exe /s >
[2014.02.10 17:35:19 | 015,501,968 | ---- | M] (Barracuda Networks, Inc.) -- C:\Users\Ondra\AppData\Roaming\Copy\CopyAgent.exe
[2014.02.10 17:35:19 | 003,715,728 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Copy\CopyCmd.exe
[2014.02.10 17:35:19 | 002,500,752 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Copy\CopyConsole.exe
[2013.07.06 22:00:02 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Ondra\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.08.30 11:56:10 | 000,010,134 | R--- | M] () -- C:\Users\Ondra\AppData\Roaming\Microsoft\Installer\{48624777-27AF-4045-93E5-5A3186D96781}\ARPPRODUCTICON.exe
[2013.07.18 13:14:42 | 000,022,486 | R--- | M] () -- C:\Users\Ondra\AppData\Roaming\Microsoft\Installer\{F7D10A5F-5584-43FD-A931-1CD2CD517AF2}\product_1.exe
[2013.12.29 23:54:49 | 000,104,768 | ---- | M] (www.motioninjoy.com) -- C:\Users\Ondra\AppData\Roaming\MotioninJoy\DS3tool\update\DS3_Tool.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.02.27 08:58:23 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.26 10:38:02 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.25 10:19:13 | 000,119,296 | ---- | M] () -- C:\Windows\system32\zlib.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\GFExperience\ExtensionLoader.dll
[2014.01.21 03:54:02 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce334.89Driver\ExtensionLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience\ExtensionLoader.dll
[2012.09.23 20:43:52 | 000,012,278 | ---- | M] () -- \Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\WebPublish\BootStrapLoader.swf
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.04.21 20:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2008.07.30 09:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008.07.29 02:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010.03.24 19:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.05.13 09:19:00 | 000,659,456 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
[2013.05.13 09:19:00 | 000,000,151 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.ini
[2014.01.21 03:54:02 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 09:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 09:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 09:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 09:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2010.03.24 19:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.02.07 08:02:34 | 000,095,744 | ---- | M] () -- \Program Files\Maxon\CINEMA 4D R14\plugins\VrayBridge\vray_plugins64\vray_GeomMeshLoader.dll
[2013.02.07 08:02:34 | 000,105,984 | ---- | M] () -- \Program Files\Maxon\CINEMA 4D R14\plugins\VrayBridge\vray_plugins64\vray_GeomMeshLoader1.dll
[2014.01.21 03:54:02 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{2498A556-CE32-4C9C-BEEF-BED33CCC0D81}\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{68794087-CD08-4019-93DC-C7191365B67C}\ExtensionLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{818AEF37-CA92-4269-B062-F9CB2CDB1DE4}\ExtensionLoader.dll
[2013.06.26 16:00:55 | 000,000,842 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.06.26 16:00:55 | 000,000,827 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.06.26 16:00:55 | 000,000,882 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.26 16:00:55 | 000,000,842 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.06.26 16:00:55 | 000,000,827 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.06.26 16:00:55 | 000,000,882 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.03.17 07:30:06 | 000,000,544 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP7\MovieClipLoader.as
[2011.03.17 07:30:06 | 000,000,544 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP8\MovieClipLoader.as
[2011.03.17 07:30:06 | 000,000,576 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\FP9\MovieClipLoader.as
[2011.03.17 07:30:08 | 000,010,454 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\mx\controls\Loader.as
[2012.03.30 15:20:02 | 000,000,544 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP7\MovieClipLoader.as
[2012.03.30 15:20:02 | 000,000,544 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP8\MovieClipLoader.as
[2012.03.30 15:20:02 | 000,000,576 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\FP9\MovieClipLoader.as
[2012.03.30 15:20:02 | 000,010,454 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\controls\Loader.as
[2014.02.20 16:09:52 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI10002\_win32sysloader.pyd
[2014.01.06 01:26:16 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI17882\_win32sysloader.pyd
[2014.01.09 08:35:18 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI18322\_win32sysloader.pyd
[2014.01.08 14:01:03 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI22202\_win32sysloader.pyd
[2014.01.06 10:03:36 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI22602\_win32sysloader.pyd
[2014.02.10 13:13:20 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI23242\_win32sysloader.pyd
[2014.02.08 10:54:36 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI23682\_win32sysloader.pyd
[2014.01.27 14:02:52 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24082\_win32sysloader.pyd
[2014.02.12 16:41:49 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24122\_win32sysloader.pyd
[2014.02.14 13:33:38 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24123\_win32sysloader.pyd
[2014.01.14 08:37:03 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24282\_win32sysloader.pyd
[2014.02.18 10:19:00 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24322\_win32sysloader.pyd
[2014.01.28 13:46:56 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24362\_win32sysloader.pyd
[2014.02.23 17:03:51 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24402\_win32sysloader.pyd
[2014.02.24 12:38:23 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24403\_win32sysloader.pyd
[2014.02.21 08:50:22 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24442\_win32sysloader.pyd
[2014.02.01 10:02:15 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24562\_win32sysloader.pyd
[2014.02.17 17:53:45 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24563\_win32sysloader.pyd
[2014.01.16 09:27:24 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24602\_win32sysloader.pyd
[2014.01.22 09:28:32 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24603\_win32sysloader.pyd
[2014.01.28 20:09:56 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24604\_win32sysloader.pyd
[2014.01.23 14:28:22 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24642\_win32sysloader.pyd
[2014.01.10 09:10:35 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24722\_win32sysloader.pyd
[2014.01.09 23:55:57 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24762\_win32sysloader.pyd
[2014.02.15 22:27:51 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24763\_win32sysloader.pyd
[2014.02.04 13:47:51 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24842\_win32sysloader.pyd
[2014.01.21 07:42:42 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24882\_win32sysloader.pyd
[2014.02.12 17:05:36 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24883\_win32sysloader.pyd
[2014.02.20 09:21:48 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24884\_win32sysloader.pyd
[2014.01.12 14:59:57 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24922\_win32sysloader.pyd
[2014.01.20 14:59:35 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24923\_win32sysloader.pyd
[2014.01.16 13:43:29 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI24962\_win32sysloader.pyd
[2014.02.07 11:32:52 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25002\_win32sysloader.pyd
[2014.02.23 12:15:53 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25003\_win32sysloader.pyd
[2014.02.13 07:54:30 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25122\_win32sysloader.pyd
[2014.02.13 14:21:26 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25123\_win32sysloader.pyd
[2014.01.31 12:36:15 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25162\_win32sysloader.pyd
[2014.02.17 10:37:59 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25163\_win32sysloader.pyd
[2014.01.12 16:49:26 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25202\_win32sysloader.pyd
[2014.01.18 05:35:42 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25242\_win32sysloader.pyd
[2014.02.05 22:01:48 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25243\_win32sysloader.pyd
[2014.01.19 08:39:27 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25282\_win32sysloader.pyd
[2014.02.03 07:47:33 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25442\_win32sysloader.pyd
[2014.02.09 11:38:32 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25443\_win32sysloader.pyd
[2014.01.14 22:54:53 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25482\_win32sysloader.pyd
[2014.02.11 13:17:28 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25483\_win32sysloader.pyd
[2014.02.05 19:24:16 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25522\_win32sysloader.pyd
[2014.01.21 09:09:48 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25642\_win32sysloader.pyd
[2014.02.05 07:52:17 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25682\_win32sysloader.pyd
[2014.01.13 15:30:36 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25722\_win32sysloader.pyd
[2014.01.17 08:56:07 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25762\_win32sysloader.pyd
[2014.01.18 15:05:02 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI25962\_win32sysloader.pyd
[2014.02.25 10:19:11 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26122\_win32sysloader.pyd
[2014.02.02 01:48:37 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26162\_win32sysloader.pyd
[2014.02.19 10:59:27 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26402\_win32sysloader.pyd
[2014.02.06 18:12:35 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26682\_win32sysloader.pyd
[2014.02.06 09:35:05 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26802\_win32sysloader.pyd
[2014.01.31 23:55:31 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26882\_win32sysloader.pyd
[2014.02.02 10:31:59 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26962\_win32sysloader.pyd
[2014.02.24 16:00:53 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI26963\_win32sysloader.pyd
[2014.02.03 11:42:24 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI27242\_win32sysloader.pyd
[2014.02.16 10:05:40 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI27922\_win32sysloader.pyd
[2014.01.11 09:37:50 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI28282\_win32sysloader.pyd
[2014.01.23 15:37:28 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI37642\_win32sysloader.pyd
[2014.02.17 20:50:34 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI42522\_win32sysloader.pyd
[2014.02.12 10:38:52 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI47602\_win32sysloader.pyd
[2014.02.27 08:58:26 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI47682\_win32sysloader.pyd
[2014.02.25 10:37:11 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI50322\_win32sysloader.pyd
[2014.01.21 22:50:14 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI51082\_win32sysloader.pyd
[2014.02.19 01:38:57 | 000,008,192 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\_MEI99882\_win32sysloader.pyd
[2014.01.21 03:54:02 | 001,168,672 | ---- | M] () -- \Users\Ondra\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\11.10.11.1\GFExperience\ExtensionLoader.dll
[2013.06.26 16:00:57 | 000,000,882 | ---- | M] () -- \Users\Ondra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.06.26 16:00:55 | 000,000,882 | ---- | M] () -- \Users\Ondra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\JDownloader.lnk
[2013.12.30 19:51:47 | 000,187,105 | ---- | M] () -- \Users\Ondra\AppData\Roaming\Orbit\icon\JDownloader.ico
[2013.12.30 19:51:47 | 000,022,486 | ---- | M] () -- \Users\Ondra\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2013.06.30 11:02:25 | 000,000,882 | ---- | M] () -- \Users\Ondra\Desktop\JDownloader.lnk
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 03:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 03:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009.07.14 03:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009.07.14 03:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009.07.14 03:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest

< *minodlogin* /s >

< *tnod* /s >
[2013.12.30 19:56:18 | 000,000,004 | ---- | M] () -- \Users\Ondra\AppData\Roaming\Orbit\dhtnodes.dat

< *AutoKMS* /s >
[2013.07.27 01:07:06 | 000,615,936 | ---- | M] () -- \Windows\AutoKMS.exe
[2013.07.27 01:07:06 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini

< *activator* /s >
[2011.03.17 07:30:08 | 000,002,319 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\mx\skins\halo\ActivatorSkin.as
[2011.03.17 07:30:08 | 000,001,806 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS5.5\en_US\Configuration\Classes\mx\skins\sample\ActivatorSkin.as
[2012.03.30 15:20:02 | 000,002,319 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\skins\halo\ActivatorSkin.as
[2012.03.30 15:20:02 | 000,001,806 | ---- | M] () -- \Users\Ondra\AppData\Local\Adobe\Flash CS6\cs_CZ\Configuration\Classes\mx\skins\sample\ActivatorSkin.as

< *serial* /s >

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:DocumentSummaryInformation

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: mncdaous.exe + frequent virus blocks by Avast

#10 Post by Márty84 »

:???: Just one more question: what about the legality of the system? Ultimate is not exactly a common home edition :?:

:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#11 Post by Andy23 »

This is a company computer, used externally for studio work: editing, post-production, 3D modelling. I received the PC with the system already installed, so unfortunately I have no insight into its legality, but given the size of the company, I do not think the system is illegal.

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.02.27.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Ondra :: ONDRA-PC [administrátor]

27.2.2014 13:41:43
MBAM-log-2014-02-27 (18-25-06).txt

Typ: Kompletní kontrola (C:\|D:\|I:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 711980
Uplynulý čas: 1 hodin, 20 minut, 3 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MSStp (Malware.Trace) -> Data: C:\Windows\system32\msstp.vbe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\bitstreams (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 27
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000001 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000002 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\mncdaous.exe (Trojan.BitMiner) -> Nebyla provedena žádná instrukce.
D:\Stažené soubory\SoftonicDownloader_for_free-vimeo-downloader.exe (PUP.Optional.Softonic) -> Nebyla provedena žádná instrukce.
I:\backup adata\recup_dir.38\f151991984.exe (Trojan.Agent.W) -> Nebyla provedena žádná instrukce.
I:\backup adata\recup_dir.53\f320308608.exe (RiskWare.Tool.HCK) -> Nebyla provedena žádná instrukce.
I:\backup adata\recup_dir.63\f391155320.exe (CrackTool.Agent) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\msstp.vbe (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\msstp.vbe (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\diablo130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\diakgcn121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\libcurl-4.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\libeay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\libidn-11.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\librtmp.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\libssh2.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\phatk121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\poclbm130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\scrypt130511.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\ssleay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\zlib1.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncdaous\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: mncdaous.exe + frequent virus blocks by Avast

#12 Post by Márty84 »

If it is a company computer, the forum rules do not allow me to continue.

http://forum.viry.cz/viewtopic.php?f=12&t=5601
6. The viry.cz forum does not deal with disinfecting company PCs; companies have paid (and sometimes very generously paid) IT technicians for this, or the company can hire them. We are here for free and in our spare time, and we do not intend to do the work of someone else who then just skims the cream and collects the salary. Likewise, we do not provide consulting on securing or configuring company networks. Simply put, our forum supports home users only.

Andy23
Visitor
Posts: 33
Registered: 26 Dec 2008 11:51

Re: mncdaous.exe + frequent virus blocks by Avast

#13 Post by Andy23 »

I am an external self-employed contractor alongside my studies; no IT specialist will come to my home, but I respect your rules if there is no other way.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: mncdaous.exe + frequent virus blocks by Avast

#14 Post by Márty84 »

There is no other way, I am sorry.

Those rules do not list all the reasons. One of them is also the possible loss of company/work data. Another is that these machines contain software that monitors your activity. We throw it out of home PCs, and many of the programs we use eliminate it without mercy. But with work PCs, where you are not the owner, that again smells of trouble. That is why none of us wants to deal with it :42:

:closed:

Locked