Prosím o kontrolu PC je pomalý

Zpráva

Tomas69 · #1 Příspěvek od **Tomas69** » 24 říj 2014 18:55

Předem děkuji

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Tomáš at 2014-10-24 19:50:59
Running from C:\Users\Tomáš\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET Smart Security 5.2 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 5.2 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Abbott USB Data Cable Installation (HKLM-x32\...\InstallShield_{95A7C713-EC82-48DC-A3E9-8D60C7FBBFEB}) (Version: 1.00.0000 - Abbott Labs)
Abbott USB Data Cable Installation (x32 Version: 1.00.0000 - Abbott Labs) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - www.aignes.com)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Balíček ovladače systému Windows - Google, Inc. AndroidUsbDeviceClass (08/27/2012 7.0.0000.00001) (HKLM\...\6803A5C44482B015766CD85EAE73F57DAB0CD2D1) (Version: 08/27/2012 7.0.0000.00001 - Google, Inc.)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CalcRC 2.5 verze 2.5 (HKLM-x32\...\{A50CCD4D-7B79-47D9-B6B8-415E4D9A1E9C}}_is1) (Version: 2.5 - Tomecek)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Convert PDF to Word Desktop Software verze 3.3.1 (HKLM-x32\...\{84A79DF3-D855-4671-B67A-E6B8846EC5A3}_is1) (Version: 3.3.1 - Convertpdftoword.net)
CoPilot Health Management System (HKLM-x32\...\{391780BF-4092-402F-8276-E543008D409B}) (Version: 4.2.590 - Abbott Diabetes Care)
DCETools - ReDynaMix HDR (HKLM-x32\...\ReDynaMix HDR (Adobe Photoshop Plug-in)_is1) (Version: - Mediachance)
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Smart Security (HKLM\...\{F3F6A16B-E1BA-4FC8-94F5-26F457049420}) (Version: 5.2.15.1 - ESET, spol. s r.o.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
inSSIDer (HKLM-x32\...\{45642795-567E-4B46-85E7-5CDBC8B2F697}) (Version: 2.1.3 - MetaGeek)
KeyboardTest V2.2 (HKLM-x32\...\KeyboardTest_is1) (Version: - PassMark Software)
K-Lite Mega Codec Pack 10.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Laps Free 0.14 CZ (HKLM-x32\...\{A9385052-8B83-428F-8D33-06AD11B597C8}_is1) (Version: - )
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MAGIX Xtreme Photo & Graphic Designer SE (HKLM-x32\...\MAGIX_MSI_Xtreme_Foto_Grafik_Designer_5_SE) (Version: 5.1.2.12398 - MAGIX AG)
MAGIX Xtreme Photo & Graphic Designer SE (x32 Version: 5.1.2.12398 - MAGIX AG) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version: - )
Mozilla Firefox 18.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 18.0.1 (x86 cs)) (Version: 18.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NirSoft WirelessNetView (HKLM-x32\...\NirSoft WirelessNetView) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PC Štítky (HKLM-x32\...\PC Štítky_is1) (Version: - LAN Consult, spol. s r.o.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Print Envelope 3.1.0.5 (HKLM-x32\...\Print Envelope_is1) (Version: - Mgr. Radovan Kraus)
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.) (HKLM-x32\...\szn-software-postak) (Version: - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SMAC 2.0 (HKLM-x32\...\SMAC 2.0) (Version: - )
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.4.0.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tablet Driver V5.02 (HKLM-x32\...\TabletDriver) (Version: - )
The Panorama Factory V5 x64 Edition (HKLM\...\{624DEC4B-C864-4B33-AF6C-D1C290F23C7C}) (Version: 5.3.2802 - Smoky City Design)
tools-freebsd (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Virtual RC Pro Racing Simulator (HKLM-x32\...\{BF530916-26EE-4FE4-8946-670C82357454}_is1) (Version: - )
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
WinOrganizer (HKLM-x32\...\WinOrganizer) (Version: 4.0 (Build 1049) - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoner Photo Studio 12 (HKLM-x32\...\ZonerPhotoStudio12_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.7 - ZONER software)

==================== Restore Points =========================

23-09-2014 04:58:19 Naplánovaný kontrolní bod
14-10-2014 12:04:04 Naplánovaný kontrolní bod
22-10-2014 12:54:06 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03BAE977-B5DA-45C7-A333-C127CC8F1B09} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {073BE7C4-3F1A-44EC-B11F-D26B1EE650DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30AEDCD0-355A-46A5-AA3D-585C5A5E9784} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {390F8901-F90D-48F1-BB9B-6FE7F1C3CCBC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {54C329C8-B425-4341-A889-FB27FBBF40CE} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-12-09] (IObit)
Task: {56955078-68B3-4380-8024-8DAC14EFC554} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-15] (Microsoft Corporation)
Task: {5BB27A67-FBFE-4265-BCCF-511DB80A78B4} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-04-09] (Microsoft Corporation)
Task: {6236399C-AB93-4F6D-AD5E-A8A9E476E361} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75974FAD-FD62-4170-A946-7B50E4B6081A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BFA33F9E-833E-49FF-AA94-3FF198CBE8E1} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9B1E713-299D-41ED-A40F-380853CCA165} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FA1D95A7-76C0-4706-B047-C60CB748B82F} - System32\Tasks\Driver Booster SkipUAC (Tomáš) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {FEB6A34B-F499-4927-95F0-A5F1C198E6CF} - System32\Tasks\CommView for WiFi Update => D:\CommViewWiFi\Updater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-17 20:58 - 2012-01-10 16:16 - 00491040 _____ () C:\Program Files (x86)\Seznam.cz\bin\postak.exe
2014-03-06 23:27 - 2013-12-09 17:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-03-06 23:27 - 2013-12-09 17:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-03-06 23:27 - 2013-12-09 17:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2010-09-28 12:00 - 2010-09-28 12:00 - 00285696 _____ () C:\WINDOWS\SYSTEM32\WinTab32.DLL
2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-03-06 23:27 - 2013-12-09 17:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
2014-03-06 23:27 - 2013-12-09 17:10 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
2014-03-06 23:27 - 2013-12-09 17:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2012-12-17 21:04 - 2012-01-10 14:51 - 00822816 _____ () C:\Program Files (x86)\Seznam.cz\bin\email.4.dll
2012-12-17 20:58 - 2012-01-10 14:51 - 01151520 _____ () C:\Program Files (x86)\Seznam.cz\bin\core.4.dll
2010-09-28 12:00 - 2010-09-28 12:00 - 00285696 _____ () C:\Windows\SYSTEM32\WinTab32.DLL
2014-10-24 13:45 - 2014-10-24 13:45 - 00098816 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32api.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00110080 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pywintypes27.dll
2014-10-24 13:45 - 2014-10-24 13:45 - 00364544 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pythoncom27.dll
2014-10-24 13:45 - 2014-10-24 13:45 - 00045568 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_socket.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 01160704 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_ssl.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00320512 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32com.shell.shell.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00713216 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_hashlib.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 01175040 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._core_.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00805888 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._gdi_.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00811008 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._windows_.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 01062400 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._controls_.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00735232 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._misc_.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00128512 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_elementtree.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00127488 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pyexpat.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00557056 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pysqlite2._sqlite.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00007168 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\hashobjs_ext.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00087552 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_ctypes.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00119808 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32file.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00108544 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32security.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00018432 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32event.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00038912 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32inet.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00070656 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._html2.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00167936 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32gui.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00011264 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32crypt.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00027136 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_multiprocessing.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00686080 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\unicodedata.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00122368 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._wizard.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00010240 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\select.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00024064 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32pipe.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00025600 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32pdh.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00525640 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\windows._lib_cacheinvalidation.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00035840 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32process.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00017408 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32profile.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00022528 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32ts.pyd
2014-10-24 13:45 - 2014-10-24 13:45 - 00078336 _____ () C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._animate.pyd
2014-10-17 06:45 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-17 06:45 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-17 06:45 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-17 06:45 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-17 06:45 - 2014-10-10 04:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
2013-02-18 19:08 - 2013-02-18 19:08 - 03022232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\Users\Tomáš\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: CanonMyPrinter =>
MSCONFIG\startupreg: CanonSolutionMenu => c:\program files (x86)\canon\solutionmenu\cnslmain.exe /logon
MSCONFIG\startupreg: EvtMgr6 => c:\program files\logitech\setpointp\setpoint.exe /launchgaming
MSCONFIG\startupreg: Seznam Postak => "c:\program files (x86)\seznam.cz\bin\postak.exe" -s
HKCU\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKCU\...\StartupApproved\Run: => "SkyDrive"

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 802.11g – síťový adaptér
Description: Broadcom 802.11g – síťový adaptér
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Zařízení Bluetooth (síť PAN) #2
Description: Zařízení Bluetooth (síť PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Marvell
Service: yukonw8
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Velkokapacitní paměťové zařízení USB
Description: Velkokapacitní paměťové zařízení USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Úložiště kompatibilní se sběrnicí USB
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 01:45:57 PM) (Source: MsiInstaller) (EventID: 1024) (User: PC-OBYVAK)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011009} produktu Adobe Reader XI (11.0.08) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/24/2014 01:27:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: PC-OBYVAK)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011009} produktu Adobe Reader XI (11.0.08) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/24/2014 01:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmware-usbarbitrator64.exe, verze: 12.1.17.0, časové razítko: 0x530ff71d
Název chybujícího modulu: vmware-usbarbitrator64.exe, verze: 12.1.17.0, časové razítko: 0x530ff71d
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000006092
ID chybujícího procesu: 0x658
Čas spuštění chybující aplikace: 0xvmware-usbarbitrator64.exe0
Cesta k chybující aplikaci: vmware-usbarbitrator64.exe1
Cesta k chybujícímu modulu: vmware-usbarbitrator64.exe2
ID zprávy: vmware-usbarbitrator64.exe3
Úplný název chybujícího balíčku: vmware-usbarbitrator64.exe4
ID aplikace související s chybujícím balíčkem: vmware-usbarbitrator64.exe5

Error: (10/24/2014 10:43:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2014 07:35:13 AM) (Source: MsiInstaller) (EventID: 1024) (User: PC-OBYVAK)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011009} produktu Adobe Reader XI (11.0.08) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/23/2014 11:56:50 AM) (Source: MsiInstaller) (EventID: 1024) (User: PC-OBYVAK)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011009} produktu Adobe Reader XI (11.0.08) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/23/2014 11:35:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/23/2014 11:30:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-OBYVAK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/23/2014 11:30:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20605 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b78

Čas spuštění: 01cfeea3f01791c5

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 34ba43e6-5a97-11e4-bf4b-c8071a909723

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/23/2014 11:28:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-OBYVAK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

System errors:
=============
Error: (10/24/2014 04:41:50 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Program II bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>.

Error: (10/24/2014 04:41:48 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Program II bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>.

Error: (10/24/2014 04:41:46 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Program II bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>.

Error: (10/24/2014 04:41:45 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Program II bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>.

Error: (10/24/2014 01:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/24/2014 01:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/24/2014 01:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/24/2014 01:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/24/2014 01:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/24/2014 01:46:47 PM) (Source: DCOM) (EventID: 10016) (User: PC-OBYVAK)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PC-obyvakTomášS-1-5-21-3209533875-1285282057-897017112-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Microsoft Office Sessions:
=========================
Error: (09/22/2014 10:52:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 85982 seconds with 300 seconds of active time. This session ended with a crash.

Error: (06/24/2014 01:31:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 643 seconds with 240 seconds of active time. This session ended with a crash.

Error: (06/02/2014 04:33:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 24 seconds with 0 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-04-11 17:11:48.053
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\netr28x.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-11 17:07:47.897
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\netr28x.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 4095.11 MB
Available physical RAM: 2258.98 MB
Total Pagefile: 9471.11 MB
Available Pagefile: 3327.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Program II) (Fixed) (Total:232.88 GB) (Free:136.58 GB) NTFS
Drive d: (Program) (Fixed) (Total:232.88 GB) (Free:121.63 GB) NTFS
Drive e: () (Fixed) (Total:232.88 GB) (Free:132.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Film Hudba) (Fixed) (Total:186.31 GB) (Free:28.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 19E419E3)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 7BB8639B)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 25520D21)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 186 GB) (Disk ID: C806C806)
Partition 1: (Not Active) - (Size=186 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#2 Příspěvek od **vyosek** » 24 říj 2014 18:58

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Tomas69 · #3 Příspěvek od **Tomas69** » 24 říj 2014 19:53

OTL logfile created on: 24. 10. 2014 20:21:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomáš\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,46% Memory free
9,25 Gb Paging File | 3,79 Gb Available in Paging File | 40,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 136,60 Gb Free Space | 58,65% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 121,64 Gb Free Space | 52,23% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 132,24 Gb Free Space | 56,78% Space Free | Partition Type: NTFS
Drive F: | 186,31 Gb Total Space | 28,09 Gb Free Space | 15,08% Space Free | Partition Type: NTFS

Computer Name: PC-OBYVAK | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/10/24 20:18:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
PRC - [2014/10/20 06:32:45 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/08 10:34:04 | 022,734,160 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/06/16 17:25:46 | 000,833,024 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/04/14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2014/04/14 16:41:38 | 000,112,856 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2014/04/14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2014/04/14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2013/12/09 17:11:10 | 000,030,016 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
PRC - [2013/12/09 17:11:06 | 000,072,512 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
PRC - [2013/12/09 17:10:58 | 001,706,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
PRC - [2013/01/25 04:59:42 | 002,063,128 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\sp6\LU1\LogitechUpdate.exe
PRC - [2013/01/25 04:59:36 | 000,350,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\sp6\LU1\LULnchr.exe
PRC - [2012/11/16 15:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/01/10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
PRC - [2009/10/30 11:19:21 | 000,032,768 | ---- | M] (Tablet Driver) -- C:\Windows\SysWOW64\WTClient.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/24 13:45:15 | 000,805,888 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._gdi_.pyd
MOD - [2014/10/24 13:45:15 | 000,110,080 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pywintypes27.dll
MOD - [2014/10/24 13:45:15 | 000,027,136 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_multiprocessing.pyd
MOD - [2014/10/24 13:45:15 | 000,007,168 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\hashobjs_ext.pyd
MOD - [2014/10/24 13:45:14 | 001,160,704 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_ssl.pyd
MOD - [2014/10/24 13:45:14 | 000,811,008 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._windows_.pyd
MOD - [2014/10/24 13:45:14 | 000,713,216 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_hashlib.pyd
MOD - [2014/10/24 13:45:14 | 000,070,656 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._html2.pyd
MOD - [2014/10/24 13:45:14 | 000,024,064 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32pipe.pyd
MOD - [2014/10/24 13:45:13 | 000,025,600 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32pdh.pyd
MOD - [2014/10/24 13:45:12 | 001,062,400 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._controls_.pyd
MOD - [2014/10/24 13:45:12 | 000,686,080 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\unicodedata.pyd
MOD - [2014/10/24 13:45:12 | 000,127,488 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pyexpat.pyd
MOD - [2014/10/24 13:45:12 | 000,038,912 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32inet.pyd
MOD - [2014/10/24 13:45:12 | 000,018,432 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32event.pyd
MOD - [2014/10/24 13:45:12 | 000,017,408 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32profile.pyd
MOD - [2014/10/24 13:45:12 | 000,010,240 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\select.pyd
MOD - [2014/10/24 13:45:11 | 000,525,640 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\windows._lib_cacheinvalidation.pyd
MOD - [2014/10/24 13:45:11 | 000,167,936 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32gui.pyd
MOD - [2014/10/24 13:45:11 | 000,119,808 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32file.pyd
MOD - [2014/10/24 13:45:11 | 000,108,544 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32security.pyd
MOD - [2014/10/24 13:45:10 | 000,128,512 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_elementtree.pyd
MOD - [2014/10/24 13:45:10 | 000,098,816 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32api.pyd
MOD - [2014/10/24 13:45:10 | 000,087,552 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_ctypes.pyd
MOD - [2014/10/24 13:45:10 | 000,045,568 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\_socket.pyd
MOD - [2014/10/24 13:45:09 | 001,175,040 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._core_.pyd
MOD - [2014/10/24 13:45:09 | 000,557,056 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pysqlite2._sqlite.pyd
MOD - [2014/10/24 13:45:09 | 000,320,512 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32com.shell.shell.pyd
MOD - [2014/10/24 13:45:09 | 000,022,528 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32ts.pyd
MOD - [2014/10/24 13:45:08 | 000,735,232 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._misc_.pyd
MOD - [2014/10/24 13:45:08 | 000,364,544 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\pythoncom27.dll
MOD - [2014/10/24 13:45:08 | 000,078,336 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._animate.pyd
MOD - [2014/10/24 13:45:08 | 000,011,264 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32crypt.pyd
MOD - [2014/10/24 13:45:07 | 000,122,368 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\wx._wizard.pyd
MOD - [2014/10/24 13:45:06 | 000,035,840 | ---- | M] () -- C:\Users\TOM~1\AppData\Local\Temp\_MEI36482\win32process.pyd
MOD - [2014/10/10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014/10/10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014/10/10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014/10/10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2013/12/09 17:10:52 | 000,089,920 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
MOD - [2013/12/09 17:10:52 | 000,039,744 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
MOD - [2013/12/09 17:10:48 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\madexcept_.bpl
MOD - [2013/12/09 17:10:46 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\maddisAsm_.bpl
MOD - [2013/12/09 17:10:44 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\madbasic_.bpl
MOD - [2012/01/10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
MOD - [2012/01/10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\email.4.dll
MOD - [2012/01/10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\core.4.dll
MOD - [2010/09/28 12:00:55 | 000,217,088 | ---- | M] () -- C:\Windows\SysWOW64\WinTab32.dll
MOD - [2010/05/13 16:03:41 | 000,232,960 | ---- | M] () -- C:\Windows\SysWOW64\MyDrawLineWindowDll.dll
MOD - [2007/08/29 00:14:10 | 000,759,648 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2007/08/24 06:38:36 | 000,067,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006/10/27 16:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2006/10/27 16:16:40 | 000,138,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL

========== Services (SafeList) ==========

SRV:64bit: - [2014/09/10 11:08:24 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/16 05:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 02:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 02:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 09:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/02 06:23:24 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/06/02 06:23:24 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/09 07:31:18 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/04/09 07:31:16 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/04/09 07:31:06 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/04/09 07:30:57 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/04/09 07:30:57 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/04/09 07:30:51 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/09/30 05:58:14 | 000,183,296 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/09/30 05:58:14 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/06/13 21:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2012/11/16 15:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/06/01 12:46:24 | 000,073,728 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\SysNative\drivers\WTSrv.exe -- (WinTabService)
SRV - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/09 19:52:45 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/16 05:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/06/02 06:23:23 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/04/14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014/04/14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2014/04/14 16:04:22 | 014,407,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2014/04/14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2014/02/27 18:40:46 | 000,906,432 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013/12/09 17:11:06 | 000,072,512 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe -- (StartMenuService)
SRV - [2013/12/03 17:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/02/18 19:08:52 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/05 17:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 17:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 17:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 13:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/14 16:41:38 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2014/04/14 16:41:22 | 000,064,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2014/04/14 16:40:42 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2014/04/14 16:40:42 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2014/04/09 07:31:00 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/04/09 07:30:24 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/04/09 07:30:24 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/04/09 07:30:24 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/04/09 07:30:23 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/04/09 07:30:23 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/04/01 10:04:46 | 000,029,384 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TsLwWfF.sys -- (TsLwWfF)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/27 18:40:32 | 000,054,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2014/02/27 18:40:28 | 000,051,904 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/08 18:21:10 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013/10/08 18:21:06 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/30 06:06:29 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:58:15 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/09/30 05:58:14 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 05:58:08 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/09/30 05:58:08 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/09/30 05:58:08 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/09/30 05:58:08 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/09/30 05:58:08 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 12:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/01 18:50:07 | 005,170,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS -- (BCM43XX)
DRV:64bit: - [2013/06/18 16:46:04 | 000,295,216 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk63x64.sys -- (yukonw8)
DRV:64bit: - [2013/05/23 08:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/23 08:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 08:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/23 08:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/05/17 11:13:26 | 000,017,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2012/11/16 14:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/11/16 14:56:48 | 000,062,024 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2012/06/19 06:09:14 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/06/19 06:05:46 | 011,926,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/03/14 08:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2012/03/14 08:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2012/03/14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/09/07 14:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010/07/05 12:59:23 | 000,034,839 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\Tablet2k.inf -- (Tablet2k)
DRV:64bit: - [2009/06/18 12:42:34 | 000,022,696 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCTblHid.sys -- (UCTblHid)
DRV:64bit: - [2009/06/18 12:42:16 | 000,027,304 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TClass2k.sys -- (TClass2k)
DRV:64bit: - [2009/06/18 12:41:59 | 000,017,064 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PTSimHid.sys -- (PTSimHid)
DRV:64bit: - [2009/06/18 12:41:46 | 000,027,304 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PTSimBus.sys -- (PTSimBus)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2008/07/26 16:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2007/04/25 17:38:54 | 000,404,480 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV - [2010/09/07 14:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3209533875-1285282057-897017112-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3209533875-1285282057-897017112-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3209533875-1285282057-897017112-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014/04/07 09:03:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/18 19:08:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/12/18 22:44:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/18 19:08:53 | 000,000,000 | ---D | M]

[2012/12/16 12:54:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomáš\AppData\Roaming\mozilla\Extensions
[2014/10/24 19:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions
[2014/10/24 19:44:11 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com
[2013/02/18 19:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/22 19:08:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/24 19:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/22 19:08:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/04/07 09:03:35 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
File not found (No name found) -- C:\USERS\TOMĂˇĹˇ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CH8UH8AS.DEFAULT\EXTENSIONS\FOXMARKS@KEI.COM
[2013/02/18 19:08:53 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 13:32:34 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/11/29 13:32:34 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/11/29 13:32:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/11/29 13:32:34 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/11/29 13:32:35 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.671\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\TomĂˇĹˇ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.28_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.3_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb\3.5_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejafdpedefplpgoacblaboikebhhjlib\1.1.0.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.63_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladlgddeghalkmimaamlhbfaglfcdiep\1.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\5.14.3_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlonhgnjdlnjgalpdigmbpfpielpadmc\1.0.8.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013/08/22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [WTClient] C:\WINDOWS\SysWow64\WTClient.exe (Tablet Driver)
O4 - HKU\S-1-5-21-3209533875-1285282057-897017112-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3209533875-1285282057-897017112-1001..\Run: [Seznam Postak] C:\Program Files (x86)\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-21-3209533875-1285282057-897017112-1001..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE (ZONER software)
O4 - HKU\S-1-5-21-3209533875-1285282057-897017112-1001..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" File not found
O4 - Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{157E70AE-0B0A-4D86-A34C-EFDCBEE6EFB2}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9EDA118-3564-4EC1-8C57-91035645FC77}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F460C367-C3E5-4B1F-9981-B8191E5B03A2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/20 07:07:31 | 000,032,482 | ---- | M] () - E:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{710d02c0-59fa-11e3-beec-001e8c5eeede}\Shell - "" = AutoRun
O33 - MountPoints2\{710d02c0-59fa-11e3-beec-001e8c5eeede}\Shell\AutoRun\command - "" = "M:\CallSetup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\WINDOWS\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\WINDOWS\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.LAGS - C:\WINDOWS\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\WINDOWS\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\WINDOWS\SysWow64\xvidvfw.dll ()
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2014/10/24 20:17:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2014/10/24 19:49:36 | 000,000,000 | ---D | C] -- C:\FRST
[2014/10/24 19:44:20 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\FRSTLauncher.exe
[2014/10/24 19:42:38 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 994661.crdownload
[2014/10/24 19:41:45 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 656612.crdownload
[2014/10/24 19:41:16 | 002,112,000 | ---- | C] (Farbar) -- C:\Users\Tomáš\Desktop\FRST64 (1).exe
[2014/10/23 10:45:36 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\reg
[2014/10/19 19:15:38 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Desktop\Draci 19.10.14
[2014/02/04 14:25:05 | 013,024,768 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014/10/24 20:18:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Desktop\OTL.exe
[2014/10/24 19:49:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/10/24 19:44:24 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\FRSTLauncher.exe
[2014/10/24 19:43:16 | 002,112,000 | ---- | M] (Farbar) -- C:\Users\Tomáš\Desktop\FRST64 (1).exe
[2014/10/24 19:42:40 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 994661.crdownload
[2014/10/24 19:41:50 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 656612.crdownload
[2014/10/24 19:38:26 | 016,578,402 | ---- | M] ( ) -- C:\Users\Tomáš\Desktop\DLLSuite_Setup.exe
[2014/10/24 19:37:04 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/24 14:44:17 | 001,754,102 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/24 14:44:17 | 000,741,366 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/10/24 14:44:17 | 000,724,962 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/24 14:44:17 | 000,152,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/10/24 14:44:17 | 000,136,604 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/24 13:44:25 | 000,165,659 | ---- | M] () -- C:\MyXML.xml
[2014/10/24 13:44:20 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 13:42:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/24 13:42:26 | 3435,229,184 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/24 13:21:31 | 416,075,439 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/10/23 07:50:43 | 000,267,567 | ---- | M] () -- C:\Users\Tomáš\Desktop\P1010012.jpg
[2014/10/18 20:44:37 | 000,163,899 | ---- | M] () -- C:\Users\Tomáš\Desktop\$_57 (1).JPG
[2014/10/18 20:44:26 | 000,149,409 | ---- | M] () -- C:\Users\Tomáš\Desktop\$_57.JPG
[2014/10/18 20:25:11 | 000,066,154 | ---- | M] () -- C:\Users\Tomáš\Desktop\11960_626363554118439_8693496329808872284_n.jpg
[2014/10/18 20:18:04 | 000,113,221 | ---- | M] () -- C:\Users\Tomáš\Desktop\10307360_628767383878056_8518068901737581366_n.jpg
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/10/24 19:25:44 | 016,578,402 | ---- | C] ( ) -- C:\Users\Tomáš\Desktop\DLLSuite_Setup.exe
[2014/10/24 13:48:07 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/10/24 13:42:27 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/10/24 07:29:01 | 416,075,439 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/10/23 07:50:29 | 000,267,567 | ---- | C] () -- C:\Users\Tomáš\Desktop\P1010012.jpg
[2014/10/20 13:51:26 | 117,992,986 | ---- | C] () -- C:\Users\Tomáš\Desktop\P1030754.MOV
[2014/10/20 06:32:54 | 000,000,980 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/20 06:32:53 | 000,000,976 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/18 20:44:32 | 000,163,899 | ---- | C] () -- C:\Users\Tomáš\Desktop\$_57 (1).JPG
[2014/10/18 20:44:22 | 000,149,409 | ---- | C] () -- C:\Users\Tomáš\Desktop\$_57.JPG
[2014/10/18 20:25:06 | 000,066,154 | ---- | C] () -- C:\Users\Tomáš\Desktop\11960_626363554118439_8693496329808872284_n.jpg
[2014/10/18 20:17:50 | 000,113,221 | ---- | C] () -- C:\Users\Tomáš\Desktop\10307360_628767383878056_8518068901737581366_n.jpg
[2014/05/28 09:55:40 | 001,771,058 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/04/09 07:31:32 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/13 15:22:54 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/10 08:12:39 | 000,000,346 | -HS- | C] () -- C:\Users\Tomáš\AppData\Local\70149b02515b3bb20dd492.47983420
[2014/02/05 21:32:24 | 000,000,037 | -HS- | C] () -- C:\Users\Tomáš\AppData\Local\134e6589520e51682091c0.32666518
[2013/10/25 07:39:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/10 13:22:48 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2013/09/10 13:22:47 | 000,650,752 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2013/09/10 13:22:47 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2013/09/10 13:22:43 | 000,217,176 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2013/09/10 13:22:38 | 000,112,640 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/29 23:46:31 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/12/21 23:35:30 | 000,007,600 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\Resmon.ResmonCfg
[2012/12/17 09:00:01 | 000,015,360 | ---- | C] () -- C:\WINDOWS\SysWow64\BASSMOD.dll
[2005/08/12 01:47:17 | 000,000,103 | -H-- | C] () -- C:\Users\Tomáš\AppData\Roaming\logs.dat

Tomas69 · #4 Příspěvek od **Tomas69** » 24 říj 2014 19:55

========== ZeroAccess Check ==========

[2014/02/23 14:09:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 06:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 05:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/23 13:03:38 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\123 Free Solitaire
[2013/02/02 21:56:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\aignes
[2013/07/24 21:29:58 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Avery
[2013/11/19 16:30:41 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\CadSoft
[2014/10/08 18:40:29 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Canon
[2012/12/18 22:46:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ESET
[2014/02/21 18:25:51 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2012/12/16 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Leadertech
[2013/02/26 18:17:13 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mikrotik
[2013/05/12 21:28:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Nokia
[2013/05/12 20:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\PC Suite
[2014/03/04 23:02:19 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\QuickScan
[2013/04/09 14:56:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Rovio
[2014/02/07 23:28:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SolSuite
[2013/01/07 22:23:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\systweak
[2014/10/16 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Unity
[2014/06/02 12:16:34 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< REATERESTOREPOINT >
[2013/02/18 18:52:33 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014/10/20 06:32:53 | 000,000,976 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/10/20 06:32:54 | 000,000,980 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< >

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/04/11 09:38:38 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/04/09 07:31:33 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/04/09 07:31:33 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/04/09 07:30:49 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/04/09 07:30:49 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/04/11 10:21:22 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\SysWOW64\explorer.exe
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/10/17 16:52:47 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/10/18 07:10:08 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/04/12 06:55:10 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2013/11/16 14:46:50 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/10/17 16:52:44 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/04/12 06:23:01 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/04/11 10:10:48 | 000,238,900 | ---- | M] () MD5=7EFB11341AB1805C1B20169B6FEA9C4D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/11/16 14:55:41 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/10/18 07:10:14 | 000,219,647 | ---- | M] () MD5=B75E9C8434D53F8C187D352FA7F692D4 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe
[2014/10/18 07:10:04 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/10/17 16:52:50 | 000,270,403 | ---- | M] () MD5=C20A0C44E241606430009E7F126A1125 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2014/04/11 09:42:41 | 000,284,316 | ---- | M] () MD5=C252617200340402DFE4CB9FCA59B193 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe

< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/08/17 09:28:44 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/02/15 10:10:32 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/04/11 09:43:35 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll

< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SERVICES.EXE >
[2014/06/02 06:23:23 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\WINDOWS\SysNative\services.exe
[2014/06/02 06:23:23 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2014/06/02 20:30:11 | 000,082,895 | ---- | M] () MD5=892D1838D0C77D4734F7E21F064CD06C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe

< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/02/15 11:53:18 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/03/16 09:19:54 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/04/12 06:52:52 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/10/17 18:32:57 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/08/16 05:57:37 | 002,498,880 | ---- | M] (Microsoft Corporation) MD5=87F3713E620F62D243A82B3CB66CBDDE -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/08/16 05:57:37 | 002,498,880 | ---- | M] (Microsoft Corporation) MD5=87F3713E620F62D243A82B3CB66CBDDE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2014/08/17 09:34:39 | 000,223,198 | ---- | M] () MD5=889B53B7C56665B0277CC00EF4051DE4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/10/17 18:32:52 | 000,446,400 | ---- | M] () MD5=96F67EB5FD0CF6809C15A9530C68A8B7 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/06/02 20:32:45 | 000,234,906 | ---- | M] () MD5=CB44BD6971455D2A4E3C1AF65AB60377 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2013/11/16 14:51:22 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/04/09 07:30:54 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/04/09 07:30:54 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/04/11 10:02:55 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\catroot\*.tmp files -> C:\WINDOWS\System32\catroot\*.tmp -> ]
[4 C:\WINDOWS\System32\Macromed\Flash\*.tmp files -> C:\WINDOWS\System32\Macromed\Flash\*.tmp -> ]
[4 C:\WINDOWS\SysWOW64\Macromed\Flash\*.tmp files -> C:\WINDOWS\SysWOW64\Macromed\Flash\*.tmp -> ]
[21 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/02/23 13:03:38 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\123 Free Solitaire
[2013/01/24 11:02:31 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Adobe
[2013/02/02 21:56:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\aignes
[2013/02/19 23:34:24 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Apple Computer
[2013/07/24 21:29:58 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Avery
[2013/11/19 16:30:41 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\CadSoft
[2014/10/08 18:40:29 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Canon
[2012/12/18 22:46:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ESET
[2013/10/25 19:01:55 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Identities
[2014/02/21 18:25:51 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2012/12/16 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Leadertech
[2012/12/16 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Logishrd
[2012/12/16 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Logitech
[2012/12/16 10:56:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Macromedia
[2014/09/22 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Media Player Classic
[2005/05/27 03:11:27 | 000,000,000 | RHSD | M] -- C:\Users\Tomáš\AppData\Roaming\Microsoft
[2013/02/26 18:17:13 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mikrotik
[2012/12/16 12:54:23 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla
[2013/05/12 21:28:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Nokia
[2013/05/12 20:50:36 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\PC Suite
[2014/03/04 23:02:19 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\QuickScan
[2013/04/09 14:56:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Rovio
[2014/10/24 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Skype
[2014/02/07 23:28:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SolSuite
[2013/01/07 22:23:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\systweak
[2014/10/16 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Unity
[2014/06/22 08:24:25 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\VMware
[2014/06/02 12:16:34 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2012/03/20 17:32:36 | 002,302,832 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\Tomáš\AppData\Roaming\Avery\Avery Wizard 4.0\AZWizard.exe
[2014/02/21 18:26:31 | 000,588,608 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014/02/21 18:26:31 | 000,629,568 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014/01/21 12:06:26 | 002,129,728 | ---- | M] (IObit) -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2014/04/07 09:04:31 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_614939BFE59502FEB6CE41.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_64130CAC1AF988588B774B.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_853F67D554F05449430E7E.exe
[2014/02/25 20:05:33 | 000,071,894 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/07/24 21:09:58 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{F5D84887-8A6F-4993-8560-B3AA44CB620D}\ARPPRODUCTICON.exe
[2014/08/15 09:34:25 | 000,034,360 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\QuickScan\chromeqs.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/09/26 00:43:38 | 011,807,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\Tasks\*.job >
[2014/10/24 19:49:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/10/24 13:44:20 | 000,000,976 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 20:38:11 | 000,000,980 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/09/26 00:43:38 | 011,807,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Seznam Postak" = "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s -- [2012/01/10 16:16:10 | 000,491,040 | ---- | M] ()
"GoogleDriveSync" = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart -- [2014/08/08 10:34:04 | 022,734,160 | ---- | M] (Google)
"Zoner Photo Studio Service 16" = "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
"Zoner Photo Studio Autoupdate" = "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE" -- [2014/06/16 17:25:46 | 000,833,024 | ---- | M] (ZONER software)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014/08/27 09:20:30 | 022,041,192 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013/02/18 19:08:53 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=D7826A7440444F40E0406CF37FD2FA88 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014/09/26 01:27:56 | 000,812,688 | ---- | M] (Microsoft Corporation) MD5=0B219DF6F397F076BC4DF0249156D010 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014/10/10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) MD5=B53D59915A356B06C1D7DE5B22B4177C -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2014/04/01 03:39:00 | 000,005,330 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\manpages\aircrack-ng.1
[2014/04/01 04:20:58 | 000,004,636 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\packages\aircrack-ng.spec
[2009/07/22 21:01:36 | 000,000,281 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\patches\old\aicrack-ng-rc2_Intel_macOSX.patch
[2013/05/02 01:46:34 | 000,017,795 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\scripts\dcrack.py
[2011/11/20 06:00:14 | 000,001,164 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\scripts\airoscript-ng\doc\rst\crack.rst
[2012/01/30 17:09:54 | 000,002,062 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\scripts\airoscript-ng\doc\rst\crack.rst.html
[2013/03/17 18:36:30 | 000,000,954 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\scripts\airoscript-ng\src\extras\completions\_aircrack_ng
[2013/08/10 18:04:58 | 000,007,006 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\scripts\airoscript-ng\src\functions\autocrack
[2014/03/31 03:39:16 | 000,134,730 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\src\aircrack-ng.c
[2014/03/22 22:04:58 | 000,008,857 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\src\aircrack-ng.h
[2014/02/04 05:04:18 | 000,022,010 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\src\aircrack-ptw-lib.c
[2013/07/22 00:42:20 | 000,003,863 | ---- | M] () -- \Users\Tomáš\Desktop\aircrack-ng-1.2-beta3\src\aircrack-ptw-lib.h
[2014/01/29 17:46:34 | 000,003,379 | ---- | M] () -- \Users\Tomáš\Desktop\karta\Karta\Android\data\com.gameloft.android.ANMP.GloftDMHM\files\ps\ps_t_dm_mm_tortilla_chip_crack_001.ps

< *keygen* /s >

< *loader* /s >
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2014/01/06 20:47:02 | 000,000,702 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014/01/06 20:47:02 | 000,000,790 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_debug.fen
[2014/01/06 20:47:02 | 000,000,723 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_download.fen
[2014/01/06 20:47:02 | 000,000,694 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013/02/09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2014/01/06 20:47:04 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014/01/06 20:47:04 | 000,002,283 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014/01/06 20:47:04 | 000,001,417 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_options.fen
[2014/01/06 20:47:04 | 000,001,330 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014/01/06 20:47:04 | 000,002,541 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014/01/06 20:47:04 | 000,002,109 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014/01/06 20:47:04 | 000,000,956 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014/01/06 20:47:04 | 000,001,080 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014/01/06 20:47:04 | 000,001,139 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 20:47:04 | 000,002,181 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_welcome.fen
[2013/12/09 17:10:40 | 001,057,600 | ---- | M] () -- \Program Files (x86)\IObit\Start Menu 8\IObitDownloader.exe
[2013/07/30 15:14:52 | 002,256,704 | ---- | M] () -- \Program Files (x86)\IObit\Start Menu 8\Freeware\Start_Menu8_FreeSoftwareDownloader.exe
[2012/06/26 12:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2003/06/30 10:37:32 | 000,002,315 | ---- | M] () -- \Program Files (x86)\Smoky City Design\The Panorama Factory V5\help\loader.js
[2013/12/18 23:58:13 | 000,002,315 | ---- | M] () -- \Program Files (x86)\Smoky City Design\The Panorama Factory V5\help\cs_CZ\loader.js
[2005/06/07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010/04/29 15:12:38 | 000,673,160 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010/04/29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010/04/29 15:12:42 | 000,686,984 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010/04/29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2014/02/18 06:37:12 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.212_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013/10/25 19:08:39 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/10/25 19:08:40 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/10/25 19:08:40 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/10/25 19:15:36 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/03/05 11:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSFacebookUploader.exe
[2010/04/29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSPluginLoader.exe
[2013/03/05 14:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSFlickrUploader.exe
[2010/04/29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSPluginLoader.exe
[2013/03/05 13:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPicasaUploader.exe
[2010/04/29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPluginLoader.exe
[2014/06/16 17:25:32 | 000,103,936 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\8bfLoader.exe
[2014/06/16 17:25:38 | 000,018,944 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\WICLoader.exe
[2014/06/16 17:26:00 | 000,021,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program64\WICLoader.exe
[2014/10/24 13:45:23 | 000,266,388 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2014/10/24 13:45:23 | 000,266,388 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2012/12/01 15:34:24 | 000,117,377 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\images\page\loader-bg.jpg
[2012/12/01 15:34:24 | 000,053,492 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\images\page\loader-bubble.png
[2012/12/01 15:34:24 | 000,007,078 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\images\page\loader-logo.png
[2012/12/01 15:34:24 | 000,002,976 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\images\page\loader-numbers.png
[2012/12/01 15:34:24 | 000,019,936 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\16_0\images\page\loader-smallbubble.png
[2014/10/05 07:21:29 | 000,018,715 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\IE\68GJ8DJE\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014/10/05 07:21:29 | 000,001,980 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\IE\L60D8GSR\AdLoader[1].htm
[2014/10/05 07:21:32 | 000,001,980 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\IE\L60D8GSR\AdLoader[2].htm
[2014/05/29 22:14:03 | 000,001,980 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\IE\V9HMFR15\AdLoader[1].htm
[2014/06/12 07:10:20 | 000,001,980 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\IE\VYDF9EHX\AdLoader[1].htm
[2014/01/06 11:52:30 | 003,244,032 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014/01/06 11:47:04 | 000,000,702 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014/01/06 11:47:04 | 000,000,790 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014/01/06 11:47:04 | 000,000,723 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014/01/06 11:47:04 | 000,000,694 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014/01/06 11:47:06 | 000,171,541 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014/01/06 11:47:06 | 000,000,634 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014/01/06 11:47:06 | 000,002,283 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014/01/06 11:47:06 | 000,001,417 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014/01/06 11:47:06 | 000,002,109 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014/01/06 11:47:06 | 000,000,956 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014/01/06 11:47:06 | 000,001,080 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014/01/06 11:47:06 | 000,001,139 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 11:47:06 | 000,002,181 | ---- | M] () -- \Users\Tomáš\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014/07/24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/06/15 16:57:22 | 000,008,192 | ---- | M] () -- \Users\Tomáš\AppData\Local\Temp\_MEI25722\_win32sysloader.pyd
[2014/06/14 20:36:26 | 000,008,192 | ---- | M] () -- \Users\Tomáš\AppData\Local\Temp\_MEI30322\_win32sysloader.pyd
[2014/10/24 13:45:12 | 000,008,192 | ---- | M] () -- \Users\Tomáš\AppData\Local\Temp\_MEI36482\_win32sysloader.pyd
[2014/06/15 16:47:48 | 000,008,192 | ---- | M] () -- \Users\Tomáš\AppData\Local\Temp\_MEI39642\_win32sysloader.pyd
[2014/02/25 20:05:33 | 000,071,894 | R--- | M] () -- \Users\Tomáš\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/10/25 07:45:19 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/03/15 07:17:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/03/15 07:17:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/11 20:17:55 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/04/11 20:17:44 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/04/11 09:37:06 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/04/11 09:37:04 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/04/11 20:19:35 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/04/11 20:19:09 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/09 07:35:19 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/04/11 10:41:44 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/04/11 10:41:44 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/04/11 10:41:45 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/04/11 10:41:45 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/09/14 20:08:13 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/10/18 07:25:32 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/10/18 07:25:34 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/10/18 07:25:35 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/10/18 07:25:37 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/09/30 05:55:13 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/04/09 07:25:30 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/09/30 06:06:06 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/09/30 06:08:19 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013/12/15 07:06:04 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/09 07:25:32 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/14 19:28:39 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Tomáš\SkyDrive:ms-properties
@Alternate Data Stream - 12 bytes -> C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

< End of report >

#5 Příspěvek od **vyosek** » 25 říj 2014 07:29

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

Tomas69 · #6 Příspěvek od **Tomas69** » 25 říj 2014 07:41

Ano mám zakoupen Windows 8 Pro nevim kde je Ultimate verze ??
PS: jo v PC je disk s WIN 7 to asi bude ono nejsou od instalovaný nevěděl jsem jak na to a WIN 8 instaloval na čistý disk

ted jsem si jeste vzpomel ja to resil zrovna tady : http://forum.viry.cz/viewtopic.php?f=4&t=126540

#7 Příspěvek od **vyosek** » 26 říj 2014 17:46

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3209533875-1285282057-897017112-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3209533875-1285282057-897017112-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
[2014/10/24 19:44:11 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{710d02c0-59fa-11e3-beec-001e8c5eeede}\Shell - "" = AutoRun
[2014/10/24 19:44:20 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\FRSTLauncher.exe
[2014/10/24 19:42:38 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 994661.crdownload
[2014/10/24 19:41:45 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Tomáš\Desktop\Nepotvrzeno 656612.crdownload
[2014/10/24 19:41:16 | 002,112,000 | ---- | C] (Farbar) -- C:\Users\Tomáš\Desktop\FRST64 (1).exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\catroot\*.tmp files -> C:\WINDOWS\System32\catroot\*.tmp -> ]
[4 C:\WINDOWS\System32\Macromed\Flash\*.tmp files -> C:\WINDOWS\System32\Macromed\Flash\*.tmp -> ]
[4 C:\WINDOWS\SysWOW64\Macromed\Flash\*.tmp files -> C:\WINDOWS\SysWOW64\Macromed\Flash\*.tmp -> ]
[2014/02/21 18:25:51 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2014/02/21 18:26:31 | 000,588,608 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014/02/21 18:26:31 | 000,629,568 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014/01/21 12:06:26 | 002,129,728 | ---- | M] (IObit) -- C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2014/04/07 09:04:31 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_614939BFE59502FEB6CE41.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_64130CAC1AF988588B774B.exe
[2014/03/09 08:28:23 | 000,045,126 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_853F67D554F05449430E7E.exe
[2014/02/25 20:05:33 | 000,071,894 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/07/24 21:09:58 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{F5D84887-8A6F-4993-8560-B3AA44CB620D}\ARPPRODUCTICON.exe
[2014/08/15 09:34:25 | 000,034,360 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\QuickScan\chromeqs.exe
[2014/10/24 19:49:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014/10/24 13:44:20 | 000,000,976 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 20:38:11 | 000,000,980 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=-
"Zoner Photo Studio Service 16"=-
"Zoner Photo Studio Autoupdate"=-
"Skype"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Tomas69 · #8 Příspěvek od **Tomas69** » 26 říj 2014 18:59

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-3209533875-1285282057-897017112-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3209533875-1285282057-897017112-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\modules folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\META-INF folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\defaults\preferences folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\defaults folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\components folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\skin\modern\images folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\skin\modern folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\skin folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\zh-TW folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\zh-CN folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\vi folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\uk-UA folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\tr-TR folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\sv-SE folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\sk-SK folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\ru-RU folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\ro folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\pt-PT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\pt-BR folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\pl-PL folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\nn-NO folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\nl folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\ko-KR folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\ja-JP folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\it-IT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\hu-HU folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\fy-NL folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\fr folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\fi-FI folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\eu-ES folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\et-EE folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\es-ES folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\en-US folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\el-GR folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\de folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\da-DK folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\cs-CZ folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\bn-IN folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\bg-BG folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale\ar folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\locale folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\content\shared folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome\content folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com\chrome folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\mozilla\Firefox\Profiles\ch8uh8as.default\extensions\foxmarks@kei.com folder moved successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{710d02c0-59fa-11e3-beec-001e8c5eeede}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{710d02c0-59fa-11e3-beec-001e8c5eeede}\ not found.
C:\Users\Tomáš\Desktop\FRSTLauncher.exe moved successfully.
File C:\Users\Tomáš\Desktop\Nepotvrzeno 994661.crdownload not found.
File C:\Users\Tomáš\Desktop\Nepotvrzeno 656612.crdownload not found.
C:\Users\Tomáš\Desktop\FRST64 (1).exe moved successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3557.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBB6F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA0DF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE0BA.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSIA881.tmp deleted successfully.
C:\WINDOWS\System32\catroot\TMPA475.tmp deleted successfully.
File delete failed. C:\WINDOWS\System32\Macromed\Flash\FLA3D30.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\System32\Macromed\Flash\FLA66F8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\System32\Macromed\Flash\FLADAAB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\System32\Macromed\Flash\FLAF7BE.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLA3D30.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLA66F8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLADAAB.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLAF7BE.tmp scheduled to be deleted on reboot.
C:\Users\Tomáš\AppData\Roaming\IObit\Smart Defrag 3 folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\B77A0CC7-7129-4313-86FE-B10B53285749 folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Driver Booster\Logs folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Driver Booster\License folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Driver Booster folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Startup Manager folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\SmartRAM folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Registrycleaner\backup\Registry folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Registrycleaner\backup folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Registrycleaner folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Log folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\EmptyFolder folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\DiskCleaner folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\DiskCheck folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7\Backup folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit\Advanced SystemCare V7 folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\IObit folder moved successfully.
File C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe not found.
File C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe not found.
File C:\Users\Tomáš\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe not found.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_614939BFE59502FEB6CE41.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_64130CAC1AF988588B774B.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{45642795-567E-4B46-85E7-5CDBC8B2F697}\_853F67D554F05449430E7E.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{F5D84887-8A6F-4993-8560-B3AA44CB620D}\ARPPRODUCTICON.exe moved successfully.
C:\Users\Tomáš\AppData\Roaming\QuickScan\chromeqs.exe moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Seznam Postak deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Service 16 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Public

User: Tomáš
->Temp folder emptied: 178065891 bytes
->Temporary Internet Files folder emptied: 32703126 bytes
->FireFox cache emptied: 80253598 bytes
->Google Chrome cache emptied: 412318888 bytes
->Flash cache emptied: 1794 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1793296 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23018031 bytes
RecycleBin emptied: 18744699805 bytes

Total Files Cleaned = 18 571,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Public

User: Tomáš
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Public

User: Tomáš

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10262014_184623

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\System32\Macromed\Flash\FLA3D30.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\System32\Macromed\Flash\FLA66F8.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\System32\Macromed\Flash\FLADAAB.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\System32\Macromed\Flash\FLAF7BE.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLA3D30.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLA66F8.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLADAAB.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysWOW64\Macromed\Flash\FLAF7BE.tmp scheduled to be moved on reboot.
File\Folder C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{17C4D209-16C2-4066-BB3F-0EFB137773D3}.tmp not found!
File\Folder C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{39E46E91-ABD6-421E-BF48-D2DEC3EFBAB5}.tmp not found!
File\Folder C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{B523C215-18BD-4BBD-8720-CE02362A124E}.tmp not found!
File\Folder C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{DC3EBE32-BFBC-46CF-9458-5E92AD861C78}.tmp not found!
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\SysNative\SET11A1.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\WINDOWS\temp\vmware-SYSTEM\vmware-usbarb-1640.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#9 Příspěvek od **vyosek** » 26 říj 2014 19:10

Jak se chova PC?

Tomas69 · #10 Příspěvek od **Tomas69** » 26 říj 2014 19:33

Rozhoně je rychlejší načítání třeba fotek - videa je o 80% lepší, mám dotaz bylo tam něco nebo jen moc spuštěných programů jako Skype Pošťák od Seznamu a pod. ty tam nyní nemám.

#11 Příspěvek od **vyosek** » 26 říj 2014 22:05

Bylo tam hodne reklaminiho nezadouciho SW, chce to cist co se instaluje jako doprovod - vice zde http://www.viry.cz/pozor-na-to-co-vsech ... -pocitace/

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remote disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Programy v PC mate, pouze se nespousti hned po startu = kdyz je potrebujete, zapnete

A pokud nejsou problemy ci dotazy, je to z me strany vse

Tomas69 · #12 Příspěvek od **Tomas69** » 27 říj 2014 21:00

Ok pročtu program nainstaluji a příště si dám pozor co za bordel se instaluje spolu s programy.

Moc děkuji za pomoc a vyřešení problému Tomáš

#13 Příspěvek od **vyosek** » 27 říj 2014 21:24

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Prosím o kontrolu PC je pomalý

Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý

Re: Prosím o kontrolu PC je pomalý