Prosím o kontrolu logu

Zpráva

#16 Příspěvek od **Márty84** » 19 led 2015 05:01

MBAM odinstalujte, ebo alespon vypnete jeho stity, pere se s Nodem a nedela to dobrotu.

Dejte novy log z RSIT

Red Fin · #17 Příspěvek od **Red Fin** » 19 led 2015 15:30

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan Obešlo at 2015-01-19 15:29:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 65 GB (31%) free of 211 GB
Total RAM: 3326 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29, on 2015-01-19
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\WinFast\WFDTV\WFWIZ_vista.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Qliner Hotkeys\HotKeys.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files\ZuneLauncher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Milan Obešlo\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan Obešlo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [00Hotkeys] "C:\Program Files\Qliner Hotkeys\HotKeys.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\ZuneLauncher.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\RunOnce: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\RunOnce: [WinFast Schedule2] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\RunOnce: [WinFast Schedule3] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\RunOnce: [WinFast Schedule4] C:\Program Files (x86)\WinFast\WFTVFM\WFWIZ.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Run: [Google Update] "C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - Unknown owner - C:\Program Files\Fighters\SPAMfighter\sfus.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Suite Service - Unknown owner - C:\Program Files\Fighters\FighterSuiteService.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10418 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000Core.job - C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000UA.job - C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\User_Feed_Synchronization-{85376FE6-FC64-4267-9B06-0829C1319430}.job - C:\Windows\system32\msfeedssync.exe sync

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110316W, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, smartbookmarksbar@remy.juteau:1.4.3, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
"{34712C68-7391-4c47-94F3-8F88D49AD632}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72]
"Description"=15.0.2.72
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpjplug.dll
nprpplugin.dll
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\
ALone-live@ya(44).ru
ALone-live@ya(45).ru
ALone-live@ya(72).ru
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-29 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-15 505136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-29 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"00Hotkeys"=C:\Program Files\Qliner Hotkeys\HotKeys.exe [2006-12-02 45056]
"MSConfig"=C:\Windows\System32\msconfig.exe [2008-01-19 227840]
"NBKeyScan"=C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe [2008-09-24 2254120]
"NUSB3MON"=C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"TkBellExe"=C:\Program Files\Real\realplayer\update\realsched.exe [2013-01-12 295072]
"Zune Launcher"=C:\Program Files\ZuneLauncher.exe [2011-08-05 159456]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 12013272]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2007-05-16 69632]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-06 1797008]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2013-11-12 2532864]
"sfagent"=C:\Program Files\Fighters\SPAMfighter\sfagent.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5088456]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2007-05-22 405504]
"WinFast Schedule2"=C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe []
"WinFast Schedule3"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe []
"WinFast Schedule4"=C:\Program Files (x86)\WinFast\WFTVFM\WFWIZ.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"Google Update"=C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"uTorrent"=C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-26 1385808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2013-10-23 4318496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2013-10-23 209184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWinKeys"=1
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-18 16:33:22 ----SHD---- C:\Config.Msi
2015-01-17 16:40:23 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-17 16:40:08 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-01-17 16:40:08 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-17 16:40:08 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-17 16:40:08 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-01-17 13:13:24 ----D---- C:\AdwCleaner
2015-01-17 11:21:14 ----D---- C:\Program Files\trend micro
2015-01-15 15:09:34 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-15 14:59:49 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-15 14:59:49 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-15 14:59:49 ----A---- C:\Windows\system32\ncsi.dll
2015-01-15 14:59:22 ----A---- C:\Windows\system32\profsvc.dll
2015-01-04 10:38:20 ----A---- C:\Program Files\_ISREG32.DLL
2015-01-04 10:38:13 ----A---- C:\Program Files\Zipdll.dll
2015-01-04 10:38:13 ----A---- C:\Program Files\Unzdll.dll
2015-01-04 10:38:12 ----D---- C:\Program Files\ZALOHA
2015-01-04 10:38:12 ----D---- C:\Program Files\DATA
2015-01-04 10:38:12 ----A---- C:\Program Files\Saturnin.exe

======List of files/folders modified in the last 1 month======

2015-01-19 15:29:35 ----D---- C:\Windows\Temp
2015-01-19 15:29:22 ----D---- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent
2015-01-19 15:27:03 ----D---- C:\Windows\Prefetch
2015-01-18 21:21:31 ----D---- C:\Windows\Microsoft.NET
2015-01-18 17:53:43 ----D---- C:\Windows\system32\drivers
2015-01-18 17:53:43 ----D---- C:\Windows\security
2015-01-18 16:47:14 ----SHD---- C:\System Volume Information
2015-01-18 16:39:58 ----SHD---- C:\Windows\Installer
2015-01-18 16:35:28 ----D---- C:\Windows\System32
2015-01-18 16:35:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-18 16:35:19 ----D---- C:\Windows\inf
2015-01-18 16:28:35 ----D---- C:\Downloads
2015-01-17 16:40:08 ----RD---- C:\Program Files
2015-01-17 13:15:33 ----D---- C:\ProgramData\Fighters
2015-01-17 13:15:23 ----HD---- C:\ProgramData
2015-01-17 09:35:40 ----D---- C:\Program Files\CCleaner
2015-01-17 09:33:56 ----D---- C:\Windows\system32\Tasks
2015-01-15 18:50:14 ----D---- C:\Users\Milan Obešlo\AppData\Roaming\vlc
2015-01-15 15:09:37 ----D---- C:\Windows\winsxs
2015-01-15 15:09:37 ----D---- C:\Windows\system32\catroot
2015-01-15 15:09:33 ----D---- C:\Windows\system32\MRT
2015-01-15 15:00:09 ----A---- C:\Windows\system32\mrt.exe
2015-01-15 14:59:53 ----D---- C:\Windows\system32\catroot2
2015-01-14 17:40:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-11 15:10:43 ----D---- C:\Users\Milan Obešlo\AppData\Roaming\dvdcss
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-04 10:38:30 ----D---- C:\Windows

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-12-23 717296]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2006-11-06 30988]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-07-20 141312]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 123424]
R2 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2003-06-06 16695]
R2 SBKUPNT;SBKUPNT; \??\C:\Windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-01 44432]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-01-19 17488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2000-01-01 2876760]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-19 114904]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 58240]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 136704]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2000-01-01 161056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2000-01-01 10410272]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2010-06-30 40848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-09-02 176128]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 9446]
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2007-09-13 19352]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2007-09-13 51608]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 busbcrw;USB Card Reader Writer driver; C:\Windows\System32\Drivers\busbcrw.sys [2006-10-27 18944]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-12-05 1476608]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 51928]
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\Program Files\MSI\Live Update 5\DVDSYS32_100507.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\Program Files\MSI\Live Update 5\VGASYS32_100507.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-11-21 13464]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2007-09-13 29976]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2007-09-13 14744]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2014-10-01 1349576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2009-07-30 68136]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2000-01-01 1914656]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [2008-09-24 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-07-20 606720]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe []
S2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-20 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\WMZuneComm.exe [2011-08-05 268512]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\ZuneNss.exe [2011-08-05 6363872]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\ZuneWlanCfgSvc.exe [2011-08-05 444640]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

-----------------EOF-----------------

#18 Příspěvek od **Márty84** » 19 led 2015 16:23

Pokud nepouzivate, odinstalujte Seznam Software.

Vypnete trvale Windows Defender.

Dame si jeste jeden sken a budeme mazat.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Red Fin · #19 Příspěvek od **Red Fin** » 19 led 2015 18:17

OTL logfile created on: 2015-01-19 17:27:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milan Obešlo\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: yyyy-MM-dd

3.25 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 42.49% Memory free
6.72 Gb Paging File | 4.80 Gb Available in Paging File | 71.49% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205.68 Gb Total Space | 65.30 Gb Free Space | 31.75% Space Free | Partition Type: NTFS
Drive E: | 725.83 Gb Total Space | 549.69 Gb Free Space | 75.73% Space Free | Partition Type: NTFS
Drive F: | 149.05 Gb Total Space | 29.32 Gb Free Space | 19.67% Space Free | Partition Type: NTFS
Drive N: | 465.76 Gb Total Space | 86.75 Gb Free Space | 18.63% Space Free | Partition Type: NTFS

Computer Name: PCQUAD | User Name: Milan Obešlo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015-01-19 17:24:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Milan Obešlo\Desktop\OTL.exe
PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-11-26 16:48:19 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014-11-21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-10-01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2014-10-01 14:40:14 | 005,088,456 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2014-04-23 07:51:00 | 004,065,648 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2013-11-12 15:11:50 | 002,532,864 | ---- | M] (MyHeritage) -- C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
PRC - [2013-10-23 08:19:06 | 000,932,640 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-10-23 08:19:05 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-01-12 10:51:12 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2011-08-05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ZuneLauncher.exe
PRC - [2009-10-21 05:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-09-24 13:57:34 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008-09-24 13:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
PRC - [2008-07-20 17:37:36 | 000,606,720 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008-01-19 08:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007-05-22 10:14:54 | 000,405,504 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ_vista.exe
PRC - [2007-05-16 14:43:36 | 000,069,632 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2006-12-02 01:13:10 | 000,045,056 | ---- | M] (Qliner) -- C:\Program Files\Qliner Hotkeys\HotKeys.exe
PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2000-01-01 01:00:00 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

========== Modules (No Company Name) ==========

MOD - [2015-01-09 01:35:54 | 009,009,480 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll
MOD - [2015-01-09 01:35:48 | 001,677,128 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
MOD - [2014-11-12 17:36:25 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\525d2a189e395c60a20cded4d2bfea76\System.Runtime.Remoting.ni.dll
MOD - [2014-10-15 17:06:20 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a98a13deac020eca5e7dcb5ebb2b7414\System.Configuration.ni.dll
MOD - [2014-10-15 17:04:57 | 005,465,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a224433c0fb9281862f36823e86822fc\System.Xml.ni.dll
MOD - [2014-10-15 17:04:43 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f32d5986039f142f6e4f412de7c8901c\System.Windows.Forms.ni.dll
MOD - [2014-10-15 17:04:35 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\65897bde93bce2462330f19ef677477d\System.Drawing.ni.dll
MOD - [2014-10-15 17:03:21 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll
MOD - [2014-09-10 11:58:31 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll
MOD - [2010-02-10 17:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-03-31 19:04:50 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-03-31 19:04:50 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2008-02-10 14:21:04 | 001,077,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HotKeysLib\1.0.0.0__71ab1dbd1d36106c\HotKeysLib.dll
MOD - [2008-02-10 14:21:04 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.dll
MOD - [2008-02-10 14:21:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC\Kennedy.ManagedHooks\1.2.0.10__fddfe5478bd2f105\Kennedy.ManagedHooks.dll
MOD - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007-09-02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\SPAMfighter\sfus.exe -- (SPAMfighter Update Service)
SRV - [2015-01-14 17:40:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-11-21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-11-21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-10-01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-10-03 15:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-08-05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011-08-05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011-08-05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009-07-30 17:51:02 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008-09-24 13:57:34 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-09-24 13:57:14 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2008-07-20 17:37:36 | 000,606,720 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2000-01-01 01:00:00 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\VGASYS32_100507.sys -- (MSI_VGASYS_010507)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\DVDSYS32_100507.sys -- (MSI_DVD_010507)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2015-01-19 15:25:14 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2015-01-19 15:25:02 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2014-11-21 06:14:16 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014-11-21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014-10-10 08:59:12 | 000,191,928 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2014-10-10 08:59:12 | 000,135,296 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2014-10-10 08:59:12 | 000,123,424 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2013-11-21 21:11:31 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012-06-27 15:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012-06-11 14:17:44 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-02-16 16:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010-07-01 18:52:18 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2009-10-26 16:19:02 | 000,136,704 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009-10-26 16:19:00 | 000,058,240 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009-10-21 18:30:32 | 000,433,920 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654)
DRV - [2009-09-02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008-12-23 20:42:01 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008-07-20 17:37:36 | 000,141,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2007-09-13 20:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007-09-13 20:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007-09-13 20:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007-09-13 20:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2006-11-06 09:28:11 | 000,030,988 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006-10-27 09:48:42 | 000,018,944 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\busbcrw.sys -- (busbcrw)
DRV - [2005-01-06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2003-06-06 14:34:56 | 000,016,695 | ---- | M] (EUTRON) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2001-07-13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SBKUPNT.SYS -- (SBKUPNT)
DRV - [2000-01-01 01:00:00 | 010,410,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2000-01-01 01:00:00 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60327
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60327
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\InprocServer32 File not found
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes,DefaultScope = {C7809953-FDE8-44ff-8C3F-88E7488CB898}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes\{DA1676F1-F84B-4812-8AA7-0A14185DA854}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\InprocServer32 File not found
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60327
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{DA1676F1-F84B-4812-8AA7-0A14185DA854}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: compatibility@addons.mozilla.org:1.1
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.14
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.17
FF - prefs.js..extensions.enabledAddons: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:7.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Milan Obešlo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Milan Obešlo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-05-06 18:43:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-01-12 10:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-12 10:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-27 19:59:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-12-12 16:44:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-05-06 18:43:35 | 000,000,000 | ---D | M]

[2008-08-28 20:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Extensions
[2015-01-17 13:15:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions
[2014-05-20 20:15:56 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2012-06-20 17:10:42 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru
[2013-06-22 07:22:21 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru
[2012-05-09 18:05:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru
[2012-02-24 11:08:35 | 000,164,722 | ---- | M] () (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\compatibility@addons.mozilla.org.xpi
[2011-06-25 08:57:54 | 000,450,199 | ---- | M] () (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2013-02-14 18:53:31 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-05-04 11:57:09 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012-06-20 17:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-06-20 17:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012-06-20 17:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\USERS\MILAN OBEĹˇLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P3YZB4Q6.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
File not found (No name found) -- C:\USERS\MILAN OBEĹˇLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P3YZB4Q6.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
File not found (No name found) -- C:\USERS\MILAN OBEĹˇLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P3YZB4Q6.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}
File not found (No name found) -- C:\USERS\MILAN OBEĹˇLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P3YZB4Q6.DEFAULT\EXTENSIONS\COMPATIBILITY@ADDONS.MOZILLA.ORG.XPI
[2012-02-18 10:40:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008-01-23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2013-01-12 10:51:30 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012-06-15 01:05:47 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012-06-15 01:05:47 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012-06-15 01:05:47 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012-06-15 01:05:48 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012-06-15 01:05:48 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012-06-15 01:05:48 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Milan ObeĹˇlo\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Milan ObeĹˇlo\AppData\Local\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Milan ObeĹˇlo\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Milan ObeĹˇlo\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll
CHR - plugin: MicrosoftÂ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.510.13 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U51 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Milan ObeĹˇlo\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic\2.1_0\
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.4_0\
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijdcdmnjjgnnhgljmhkjlablaejfeeb\0.2_0\

O1 HOSTS File: ([2007-12-01 10:33:58 | 000,214,260 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 www.180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 www.180solutions.com
O1 - Hosts: 127.0.0.1 bis.180solutions.com
O1 - Hosts: 127.0.0.1 config.180solutions.com
O1 - Hosts: 127.0.0.1 cts.180solutions.com
O1 - Hosts: 127.0.0.1 downloads.180solutions.com
O1 - Hosts: 127.0.0.1 installs.180solutions.com
O1 - Hosts: 127.0.0.1 nowhere.180solutions.com
O1 - Hosts: 127.0.0.1 ping.180solutions.com
O1 - Hosts: 127.0.0.1 tv.180solutions.com
O1 - Hosts: 127.0.0.1 uploads.180solutions.com
O1 - Hosts: 127.0.0.1 public.zangocash.com
O1 - Hosts: 127.0.0.1 www.public.zangocash.com
O1 - Hosts: 127.0.0.1 static.zangocash.com
O1 - Hosts: 127.0.0.1 www.static.zangocash.com
O1 - Hosts: 127.0.0.1 www.zangocash.com
O1 - Hosts: 127.0.0.1 zangocash.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 7537 more lines...
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [00Hotkeys] C:\Program Files\Qliner Hotkeys\HotKeys.exe (Qliner)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate File not found
O4 - HKLM..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe File not found
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000..\Run: [uTorrent] C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\RunOnce: [WinFast Schedule2] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe File not found
O4 - HKLM..\RunOnce: [WinFast Schedule3] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe File not found
O4 - HKLM..\RunOnce: [WinFast Schedule4] C:\Program Files (x86)\WinFast\WFTVFM\WFWIZ.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_55)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_55)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.224.254 195.146.100.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0509E4BA-D1F0-4C3F-9CBB-7B265B7B4707}: DhcpNameServer = 10.0.224.254 195.146.100.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F258111-011F-47F0-B870-5E893C703D45}: DhcpNameServer = 192.168.1.20
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015-01-19 17:24:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Milan Obešlo\Desktop\OTL.exe
[2015-01-18 16:33:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015-01-17 16:40:23 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015-01-17 16:40:08 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015-01-17 16:40:08 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015-01-17 16:40:08 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015-01-17 16:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015-01-17 16:38:09 | 020,447,072 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Milan Obešlo\Desktop\mbam-setup-2.0.4.1028.exe
[2015-01-17 13:13:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015-01-17 11:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015-01-15 14:59:49 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2015-01-04 10:38:20 | 000,049,152 | ---- | C] (Stirling) -- C:\Program Files\_ISREG32.DLL
[2015-01-04 10:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\ZALOHA
[2015-01-04 10:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\DATA
[2011-08-05 12:34:22 | 001,534,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.dll
[2011-08-05 12:34:22 | 001,072,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDBApi.dll
[2011-08-05 12:34:22 | 000,645,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.renderapi.dll
[2011-08-05 12:34:20 | 001,424,096 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShell.dll
[2011-08-05 12:34:20 | 001,293,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXcontrols.dll
[2011-08-05 12:30:02 | 016,921,312 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellResources.dll
[2011-08-05 12:30:02 | 003,945,696 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSetup.exe
[2011-08-05 12:30:02 | 003,889,376 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneResources.dll
[2011-08-05 12:30:02 | 000,850,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneService.dll
[2011-08-05 12:30:02 | 000,679,648 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneQP.dll
[2011-08-05 12:30:02 | 000,653,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWmdu.dll
[2011-08-05 12:30:02 | 000,609,504 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSH.dll
[2011-08-05 12:30:02 | 000,444,640 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWlanCfgSvc.exe
[2011-08-05 12:30:02 | 000,406,240 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSP.dll
[2011-08-05 12:30:02 | 000,376,544 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSE.dll
[2011-08-05 12:30:02 | 000,301,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSrcWrp.dll
[2011-08-05 12:30:02 | 000,268,512 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneComm.exe
[2011-08-05 12:30:02 | 000,157,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Mobile.dll
[2011-08-05 12:30:02 | 000,131,808 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Library.dll
[2011-08-05 12:30:02 | 000,130,784 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.ZuneHD.dll
[2011-08-05 12:30:02 | 000,126,176 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneZMDB.Classic.dll
[2011-08-05 12:30:02 | 000,123,104 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSA.dll
[2011-08-05 12:30:02 | 000,084,704 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneTaskbar.dll
[2011-08-05 12:30:02 | 000,059,616 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellExt.dll
[2011-08-05 12:30:02 | 000,026,336 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneTCP2UDP.dll
[2011-08-05 12:30:02 | 000,019,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneDTPTDNS.dll
[2011-08-05 12:30:02 | 000,017,120 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WMZuneCommProxyStub.dll
[2011-08-05 12:30:02 | 000,016,608 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShare.exe
[2011-08-05 12:30:02 | 000,009,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneWmduResources.dll
[2011-08-05 12:29:56 | 007,459,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNativeLib.dll
[2011-08-05 12:29:56 | 006,363,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNss.exe
[2011-08-05 12:29:56 | 001,716,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEncEng.dll
[2011-08-05 12:29:56 | 001,359,584 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXrender.dll
[2011-08-05 12:29:56 | 001,096,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMarketplaceResources.dll
[2011-08-05 12:29:56 | 001,040,096 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCore.dll
[2011-08-05 12:29:56 | 001,001,184 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneH264Dec.dll
[2011-08-05 12:29:56 | 000,816,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMde.dll
[2011-08-05 12:29:56 | 000,628,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZUNEMP4SDECD.dll
[2011-08-05 12:29:56 | 000,627,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMBR.dll
[2011-08-05 12:29:56 | 000,298,720 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEvr.dll
[2011-08-05 12:29:56 | 000,268,000 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNssci.dll
[2011-08-05 12:29:56 | 000,207,072 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Zune.exe
[2011-08-05 12:29:56 | 000,176,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneHost.exe
[2011-08-05 12:29:56 | 000,173,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDB.dll
[2011-08-05 12:29:56 | 000,159,456 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneLauncher.exe
[2011-08-05 12:29:56 | 000,121,568 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePresenter.dll
[2011-08-05 12:29:56 | 000,111,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEffects.dll
[2011-08-05 12:29:56 | 000,110,304 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneAACDec.dll
[2011-08-05 12:29:56 | 000,056,544 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDXVA2.dll
[2011-08-05 12:29:56 | 000,050,912 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCfg.dll
[2011-08-05 12:29:56 | 000,044,256 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneConfig.exe
[2011-08-05 12:29:56 | 000,036,064 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEnc.exe
[2011-08-05 12:29:56 | 000,030,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXsup.dll
[2011-08-05 12:29:56 | 000,018,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePS.dll
[2011-08-05 12:19:50 | 000,222,720 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Program Files\l3codecp.acm
[2011-06-06 13:48:50 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr90.dll
[2011-06-06 13:48:50 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp90.dll
[2011-06-06 13:48:50 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm90.dll
[2007-10-28 15:09:04 | 000,581,632 | ---- | C] (Crystal Dew World) -- C:\Users\Milan Obešlo\CrystalMark09.exe
[2007-10-28 15:09:04 | 000,192,512 | ---- | C] (Crystal Dew World) -- C:\Users\Milan Obešlo\SysInfo.dll
[2007-10-28 15:09:04 | 000,065,536 | ---- | C] (Crystal Dew World) -- C:\Users\Milan Obešlo\CrystalMark09.dll
[2007-10-28 15:09:03 | 000,081,920 | ---- | C] (Crystal Dew World) -- C:\Users\Milan Obešlo\CM09D2D.exe
[2007-10-28 15:09:03 | 000,065,536 | ---- | C] (Crystal Dew World) -- C:\Users\Milan Obešlo\CM09GDI.exe
[2007-08-27 15:56:58 | 001,089,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msidcrl40.dll
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015-01-19 17:30:00 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{85376FE6-FC64-4267-9B06-0829C1319430}.job
[2015-01-19 17:29:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015-01-19 17:24:44 | 000,004,432 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015-01-19 17:24:44 | 000,004,432 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015-01-19 17:24:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Milan Obešlo\Desktop\OTL.exe
[2015-01-19 16:57:00 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000UA.job
[2015-01-19 16:57:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000Core.job
[2015-01-19 16:41:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-01-19 16:40:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015-01-19 15:25:14 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015-01-19 15:25:02 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2015-01-19 15:24:46 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-01-19 15:24:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-01-19 15:24:40 | 3488,079,872 | -HS- | M] () -- C:\hiberfil.sys
[2015-01-18 16:35:28 | 000,645,076 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015-01-18 16:35:28 | 000,634,274 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015-01-18 16:35:28 | 000,137,762 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015-01-18 16:35:28 | 000,119,840 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015-01-18 09:27:47 | 008,451,858 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\Veteran arena - Olomouc.pdf
[2015-01-17 16:40:13 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-01-17 16:38:40 | 020,447,072 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Milan Obešlo\Desktop\mbam-setup-2.0.4.1028.exe
[2015-01-17 13:12:16 | 002,186,752 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\adwcleaner_4.108.exe
[2015-01-17 11:21:02 | 001,107,968 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\RSIT.exe
[2015-01-17 09:33:55 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-01-14 19:54:17 | 000,002,673 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\Microsoft Office Word 2003.lnk
[2015-01-14 17:40:11 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015-01-14 17:40:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015-01-14 17:19:22 | 000,249,160 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\CENIKFruit2015A.pdf
[2015-01-06 04:36:02 | 000,249,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2015-01-04 10:46:45 | 000,013,030 | ---- | M] () -- C:\Users\Public\Documents\PDOXUSRS.NET
[2015-01-04 10:38:29 | 000,010,609 | ---- | M] () -- C:\Program Files\DeIsL1.isu
[2015-01-04 10:38:21 | 000,000,672 | ---- | M] () -- C:\Users\Public\Desktop\Saturnin - RTP.lnk
[2015-01-04 10:38:20 | 000,000,355 | ---- | M] () -- C:\Program Files\_DEISREG.ISR
[2015-01-03 13:36:30 | 000,031,307 | ---- | M] () -- C:\Users\Milan Obešlo\Desktop\chouette_alors.zip
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015-01-19 17:29:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015-01-18 09:27:47 | 008,451,858 | ---- | C] () -- C:\Users\Milan Obešlo\Desktop\Veteran arena - Olomouc.pdf
[2015-01-17 16:40:13 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-01-17 13:12:15 | 002,186,752 | ---- | C] () -- C:\Users\Milan Obešlo\Desktop\adwcleaner_4.108.exe
[2015-01-17 11:21:00 | 001,107,968 | ---- | C] () -- C:\Users\Milan Obešlo\Desktop\RSIT.exe
[2015-01-14 17:19:22 | 000,249,160 | ---- | C] () -- C:\Users\Milan Obešlo\Desktop\CENIKFruit2015A.pdf
[2015-01-04 10:38:21 | 000,000,672 | ---- | C] () -- C:\Users\Public\Desktop\Saturnin - RTP.lnk
[2015-01-04 10:38:20 | 000,000,355 | ---- | C] () -- C:\Program Files\_DEISREG.ISR
[2015-01-04 10:38:13 | 000,097,280 | ---- | C] () -- C:\Program Files\Zipdll.dll
[2015-01-04 10:38:13 | 000,089,088 | ---- | C] ( ) -- C:\Program Files\Unzdll.dll
[2015-01-04 10:38:13 | 000,000,035 | ---- | C] () -- C:\Program Files\Sklad.cfg
[2015-01-04 10:38:12 | 006,648,832 | ---- | C] () -- C:\Program Files\Saturnin.exe
[2015-01-04 10:38:12 | 000,197,622 | ---- | C] () -- C:\Program Files\LOGOJIDEL.bmp
[2015-01-04 10:38:12 | 000,068,966 | ---- | C] () -- C:\Program Files\jidelnicek.bmp
[2015-01-04 10:38:11 | 000,010,609 | ---- | C] () -- C:\Program Files\DeIsL1.isu
[2015-01-03 13:36:29 | 000,031,307 | ---- | C] () -- C:\Users\Milan Obešlo\Desktop\chouette_alors.zip
[2014-07-23 20:24:31 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2014-01-31 18:08:00 | 000,000,004 | ---- | C] () -- C:\Windows\System32\WFSCHDL.dat
[2014-01-31 18:07:49 | 000,003,732 | ---- | C] () -- C:\Windows\System32\FMCodec.dat
[2013-11-20 20:55:58 | 000,217,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-11-17 19:40:59 | 000,673,037 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013-11-17 19:19:01 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013-11-15 18:50:48 | 000,004,096 | -H-- | C] () -- C:\Users\Milan Obešlo\AppData\Local\keyfile3.drm
[2011-08-24 16:04:03 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011-06-21 18:33:50 | 009,532,452 | ---- | C] () -- C:\Program Files\Meiryoz.ttc
[2011-06-06 13:50:40 | 000,000,659 | ---- | C] () -- C:\Program Files\Zune.exe.config
[2011-06-06 13:50:28 | 000,001,922 | ---- | C] () -- C:\Program Files\TopBar.gif
[2011-06-06 13:50:28 | 000,000,988 | ---- | C] () -- C:\Program Files\ZuneLogo.gif
[2011-06-06 13:50:26 | 000,251,333 | ---- | C] () -- C:\Program Files\softwaremap.png
[2011-06-06 13:50:26 | 000,122,458 | ---- | C] () -- C:\Program Files\quickplaymap.png
[2011-06-06 13:50:26 | 000,122,068 | ---- | C] () -- C:\Program Files\quickplaymap_csy.png
[2011-06-06 13:50:26 | 000,121,489 | ---- | C] () -- C:\Program Files\quickplaymap_dan.png
[2011-06-06 13:50:26 | 000,097,298 | ---- | C] () -- C:\Program Files\softwaremap_csy.png
[2011-06-06 13:50:26 | 000,000,631 | ---- | C] () -- C:\Program Files\Background.jpg
[2011-06-06 13:50:26 | 000,000,054 | ---- | C] () -- C:\Program Files\Arrow.gif
[2010-12-08 11:01:57 | 000,000,680 | ---- | C] () -- C:\Users\Milan Obešlo\AppData\Local\d3d9caps.dat
[2009-09-24 20:27:52 | 000,000,833 | ---- | C] () -- C:\Users\Milan Obešlo\.recently-used.xbel
[2009-08-11 18:58:21 | 000,000,005 | ---- | C] () -- C:\Program Files\trl.trl
[2009-03-22 17:47:42 | 000,000,573 | ---- | C] () -- C:\Users\Milan Obešlo\AppData\Roaming\AutoGK.ini
[2007-11-10 19:30:47 | 022,490,112 | ---- | C] () -- C:\Program Files\CZDC.pdb
[2007-11-10 19:30:44 | 004,108,288 | ---- | C] () -- C:\Program Files\CZDC.exe
[2007-11-10 19:30:39 | 000,061,817 | ---- | C] () -- C:\Program Files\CZ.xml
[2007-11-10 19:30:39 | 000,000,558 | ---- | C] () -- C:\Program Files\boot.xml.example
[2007-11-03 13:35:34 | 000,183,296 | ---- | C] () -- C:\Program Files\Core Temp.exe
[2007-10-28 15:15:26 | 000,000,174 | ---- | C] () -- C:\Users\Milan Obešlo\CM09D2D.ini
[2007-10-28 15:14:42 | 000,000,168 | ---- | C] () -- C:\Users\Milan Obešlo\CM09GDI.ini
[2007-10-28 15:11:29 | 000,000,094 | ---- | C] () -- C:\Users\Milan Obešlo\CM09OGL.ini
[2007-10-28 15:09:06 | 000,010,240 | ---- | C] () -- C:\Users\Milan Obešlo\SysInfoX64.sys
[2007-10-28 15:09:06 | 000,008,883 | ---- | C] () -- C:\Users\Milan Obešlo\SysInfo.vxd
[2007-10-28 15:09:06 | 000,007,263 | ---- | C] () -- C:\Users\Milan Obešlo\SysInfo.sys
[2007-10-28 15:09:06 | 000,007,039 | ---- | C] () -- C:\Users\Milan Obešlo\SysInfoNT4.sys
[2007-10-28 15:09:06 | 000,000,159 | ---- | C] () -- C:\Users\Milan Obešlo\CrystalMark09.ini
[2007-10-28 15:09:05 | 000,583,756 | ---- | C] () -- C:\Users\Milan Obešlo\HIYOLOGO.GC2
[2007-10-28 15:09:05 | 000,581,204 | ---- | C] () -- C:\Users\Milan Obešlo\PALOMINO.GLD
[2007-10-28 15:09:05 | 000,462,170 | ---- | C] () -- C:\Users\Milan Obešlo\PENTIUM4.GLD
[2007-10-28 15:09:05 | 000,237,568 | ---- | C] () -- C:\Users\Milan Obešlo\GLUT32.DLL
[2007-10-28 15:09:04 | 000,381,647 | ---- | C] () -- C:\Users\Milan Obešlo\REDCONE.GLD
[2007-10-28 15:09:04 | 000,380,857 | ---- | C] () -- C:\Users\Milan Obešlo\GRENCONE.GLD
[2007-10-28 15:09:04 | 000,373,745 | ---- | C] () -- C:\Users\Milan Obešlo\BLUECONE.GLD
[2007-10-28 15:09:04 | 000,066,632 | ---- | C] () -- C:\Users\Milan Obešlo\WIREBACK.GLD
[2007-10-28 15:09:03 | 000,077,824 | ---- | C] () -- C:\Users\Milan Obešlo\CM09OGL.exe
[2007-10-06 10:21:39 | 000,227,328 | ---- | C] () -- C:\Users\Milan Obešlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003-11-28 09:02:38 | 000,027,981 | ---- | C] () -- C:\Program Files\Readme.html

========== ZeroAccess Check ==========

[2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 14:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013-04-09 10:24:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Acronis
[2008-11-09 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Any Video Converter
[2008-10-10 18:56:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Ashampoo
[2010-06-29 19:06:17 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\avidemux
[2011-04-07 17:20:56 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Azureus
[2008-12-23 20:41:46 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\DAEMON Tools
[2009-03-28 15:15:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\esmska
[2009-11-20 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\FarmingSimulator2008
[2008-05-04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\FDRLab
[2010-06-03 20:12:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GetRightToGo
[2013-11-18 20:56:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GHISLER
[2008-09-09 13:56:56 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GlarySoft
[2009-09-24 20:27:52 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\gtk-2.0
[2013-03-21 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Hard Disk Sentinel
[2008-06-11 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Hide IP NG
[2012-09-18 19:41:38 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\IGC
[2009-08-30 19:15:21 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\IrfanView
[2013-03-20 17:29:33 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Jpeg Resampler
[2013-12-14 10:48:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Kastner software
[2009-01-11 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Leadertech
[2014-08-05 16:56:47 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\LiveKit
[2009-06-28 18:23:15 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MAGIX
[2011-01-04 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MechCAD
[2009-08-23 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MMToolz
[2014-07-24 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage
[2011-08-07 18:56:35 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Nokia
[2009-06-27 09:39:22 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Opera
[2014-04-19 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Oracle
[2010-04-09 17:28:26 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\PC Suite
[2011-05-02 18:44:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Posta
[2008-02-10 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\qliner
[2011-12-30 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Samsung
[2013-11-18 19:37:52 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Seznam.cz
[2014-09-14 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\SketchUp
[2009-11-15 11:18:37 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator
[2014-07-23 20:24:31 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2015-01-19 17:34:33 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent
[2014-07-26 08:58:15 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\VeskrnaMartin
[2009-05-24 16:32:54 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006-11-02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006-11-02 14:01:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2007-09-28 10:09:36 | 000,000,432 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{85376FE6-FC64-4267-9B06-0829C1319430}.job
[2012-03-31 09:06:14 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012-09-15 08:02:03 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012-09-15 08:02:04 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012-09-15 17:55:14 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000Core.job
[2012-09-15 17:55:14 | 000,000,990 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T182859357781\internal_ide_channel\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T182859357781\pci\cc_0101\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T185523077455\internal_ide_channel\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T185523077455\pci\cc_0101\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131119T201603202379\internal_ide_channel\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131119T201603202379\pci\cc_0101\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008-02-13 18:48:47 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008-02-13 18:48:47 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008-02-13 18:48:46 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009-04-11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009-04-11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008-01-19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006-11-02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008-01-19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T182859357781\gencdrom\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T185523077455\gencdrom\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131119T201603202379\gencdrom\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006-11-02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006-11-02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013-10-03 14:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2006-11-02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2013-04-24 05:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013-04-17 13:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013-07-08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013-07-08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008-01-19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012-04-23 17:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013-07-08 03:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012-04-23 15:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013-04-17 12:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012-06-02 12:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012-06-02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009-04-11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013-04-24 04:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008-10-29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008-10-30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007-11-14 21:30:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007-11-14 21:30:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008-10-28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006-11-02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008-01-19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009-04-11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T182859357781\acpiapic\hal.dll
[2009-04-11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131117T185523077455\acpiapic\hal.dll
[2009-04-11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Milan Obešlo\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131119T201603202379\acpiapic\hal.dll
[2009-04-11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008-01-19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008-01-19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006-11-02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006-11-02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008-01-19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008-01-19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008-01-19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008-01-19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009-06-15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009-09-10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009-02-13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012-06-01 23:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2006-11-02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009-06-15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2014-10-11 00:21:41 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=86C519D59C70327434641E862A70B52B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_a8a5f069731e840f\lsass.exe
[2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2011-11-16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_a82a209c59f61a0b\lsass.exe
[2009-06-15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009-02-13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009-06-15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2014-12-03 01:23:58 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=C4AA089041242987308AE2A7B30E910A -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_a88981cd73333d3e\lsass.exe
[2009-06-15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009-09-09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009-09-10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008-01-19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008-01-19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008-01-19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011-11-16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009-02-13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006-11-02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008-01-19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006-11-02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009-04-11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009-04-11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008-01-19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008-01-19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008-01-19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006-11-02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006-11-02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008-01-19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006-11-02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009-04-11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009-04-11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2013-07-08 02:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013-03-09 02:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008-01-19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013-05-02 02:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013-03-09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013-03-09 02:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe
[2006-11-02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006-11-02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2014-11-21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

Red Fin · #20 Příspěvek od **Red Fin** » 19 led 2015 18:22

< MD5 for: TCPIP.SYS >
[2008-04-26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008-01-09 17:11:58 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2013-05-08 04:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009-04-11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011-09-20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009-12-08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009-08-15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009-08-14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011-06-17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012-03-30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010-02-18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010-02-18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009-08-14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013-01-04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2008-01-09 17:11:58 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009-12-08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010-02-18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010-02-18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008-02-13 18:48:29 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2013-05-08 05:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009-12-08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008-02-13 18:48:29 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010-06-16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009-08-14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011-06-17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010-06-16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013-07-05 04:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013-01-04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010-06-16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011-09-20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008-04-26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009-12-08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009-08-14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010-02-18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014-04-05 04:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2010-06-16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2014-04-05 03:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\System32\drivers\tcpip.sys
[2014-04-05 03:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2009-12-08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2013-07-05 05:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2006-11-02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010-02-18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009-12-08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012-03-30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008-01-19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009-08-14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006-11-02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2007-03-19 15:13:46 | 000,118,120 | ---- | M] (VIA Technologies inc,.ltd) MD5=503F50BF170661A23C2D50C423011469 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\drvdisk\x86\NT4\viamraid.sys
[2007-03-19 15:13:46 | 000,118,120 | ---- | M] (VIA Technologies inc,.ltd) MD5=503F50BF170661A23C2D50C423011469 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\NT4\viamraid.sys
[2007-03-19 15:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\2K\viamraid.sys
[2007-03-19 15:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\drvdisk\x86\NT5\viamraid.sys
[2007-03-19 15:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\SRV2003\x86\viamraid.sys
[2007-03-19 15:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\XP\x86\viamraid.sys
[2007-03-21 16:35:38 | 000,113,152 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=8C7E7769643D3D17B8B67F99A6416C5B -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\drvdisk\VISTA\x86\viamraid.sys
[2007-03-21 16:35:38 | 000,113,152 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=8C7E7769643D3D17B8B67F99A6416C5B -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\VRAIDDrv\VISTA\x86\viamraid.sys

< MD5 for: VIPRT.SYS >
[2007-03-26 14:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\SATAIDE\W2K\ViPrt.sys
[2007-03-26 14:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\SATAIDE\WNET\ViPrt.sys
[2007-03-26 14:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\SATAIDE\WXP\ViPrt.sys
[2007-03-26 14:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\_Install\System\Chipset\VIA 4in1\VIA_HyperionPro_V512A\SATAIDE\WLH\ViPrt.sys

< MD5 for: WINLOGON.EXE >
[2014-11-21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008-01-19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008-01-19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006-11-02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[240 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013-04-09 10:24:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Acronis
[2011-12-30 16:34:38 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Adobe
[2007-09-28 16:18:43 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\AdobeUM
[2007-09-26 19:16:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Ahead
[2008-11-09 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Any Video Converter
[2013-11-21 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\ArcSoft
[2008-10-10 18:56:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Ashampoo
[2010-06-29 19:06:17 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\avidemux
[2011-04-07 17:20:56 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Azureus
[2008-04-24 19:08:25 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Corel
[2008-05-05 18:24:45 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\CyberLink
[2008-12-23 20:41:46 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\DAEMON Tools
[2015-01-11 15:10:43 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\dvdcss
[2009-03-28 15:15:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\esmska
[2009-11-20 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\FarmingSimulator2008
[2013-09-26 20:26:59 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\FastStone
[2008-05-04 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\FDRLab
[2010-06-03 20:12:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GetRightToGo
[2013-11-18 20:56:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GHISLER
[2008-09-09 13:56:56 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\GlarySoft
[2012-07-14 12:56:50 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Google
[2009-09-24 20:27:52 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\gtk-2.0
[2013-03-21 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Hard Disk Sentinel
[2008-06-11 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Hide IP NG
[2008-03-29 17:50:23 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\HP
[2007-09-20 13:41:37 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Identities
[2012-09-18 19:41:38 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\IGC
[2008-01-05 10:11:29 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\InstallShield
[2013-11-21 20:13:31 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\InstallShield Installation Information
[2009-08-30 19:15:21 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\IrfanView
[2013-03-20 17:29:33 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Jpeg Resampler
[2013-12-14 10:48:10 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Kastner software
[2009-01-11 10:40:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Leadertech
[2014-08-05 16:56:47 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\LiveKit
[2007-09-28 13:39:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Macromedia
[2009-06-28 18:23:15 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MAGIX
[2011-01-04 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MechCAD
[2006-11-02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Media Center Programs
[2011-04-07 17:20:59 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Media Player Classic
[2013-11-26 20:17:32 | 000,000,000 | --SD | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Microsoft
[2009-08-23 18:09:12 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MMToolz
[2008-08-28 20:22:28 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla
[2014-07-24 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage
[2010-02-20 20:19:39 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Nero
[2011-08-07 18:56:35 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Nokia
[2013-10-25 12:04:29 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\NVIDIA
[2009-06-27 09:39:22 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Opera
[2014-04-19 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Oracle
[2010-04-09 17:28:26 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\PC Suite
[2011-05-02 18:44:30 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Posta
[2008-02-10 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\qliner
[2012-06-27 20:00:57 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Real
[2013-01-12 10:53:27 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\RealNetworks
[2011-12-30 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Samsung
[2009-01-11 10:46:55 | 000,000,000 | RH-D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\SecuROM
[2013-11-18 19:37:52 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Seznam.cz
[2014-09-14 19:56:51 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\SketchUp
[2009-11-15 11:18:37 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator
[2014-07-23 20:24:31 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2015-01-19 17:52:20 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent
[2014-07-26 08:58:15 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\VeskrnaMartin
[2015-01-15 18:50:14 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\vlc
[2009-09-07 19:37:14 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\WinRAR
[2009-05-24 16:32:54 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013-11-22 17:55:14 | 000,455,600 | ---- | M] (Macrovision Corporation) -- C:\Users\Milan Obešlo\AppData\Roaming\InstallShield Installation Information\{C92C584E-C781-475E-A8E2-C67D993A6B95}\setup.exe
[2014-02-26 17:05:10 | 025,004,760 | ---- | M] (KASTNER software s.r.o. ) -- C:\Users\Milan Obešlo\AppData\Roaming\Kastner software\Form Studio CZ\Update\Prg04\fsupd.exe
[2013-01-17 17:14:26 | 000,003,262 | R--- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\Microsoft\Installer\{BA58C040-B206-41BB-92CF-D0A2975477BB}\_1B28C0C449723C3D9967EA.exe
[2008-04-24 19:06:46 | 000,010,134 | R--- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2008-04-24 19:06:46 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Milan Obešlo\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2013-11-12 15:26:20 | 000,113,696 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage\Bin\Convert\Convertor.exe
[2013-11-12 15:26:22 | 000,113,696 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage\Bin\Convert\ConvertorFDB.exe
[2013-11-12 15:26:24 | 000,047,120 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage\Bin\Convert\depcheck.exe
[2013-11-12 14:20:16 | 000,110,592 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage\Bin\Convert\gbtest.exe
[2013-11-12 14:20:00 | 000,058,896 | ---- | M] () -- C:\Users\Milan Obešlo\AppData\Roaming\MyHeritage\Bin\Detect\Detect.exe
[2009-07-15 16:36:36 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
[2010-02-25 17:34:28 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2009-11-19 11:12:01 | 000,079,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe
[2010-06-28 14:11:00 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010-09-17 14:45:47 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.12\setup.exe
[2010-12-15 16:08:18 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011-01-29 16:08:43 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2009-06-16 15:57:52 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg0\realplayer11gold.exe
[2009-06-26 15:57:56 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe
[2012-12-19 18:24:28 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg10\rnupgagent.exe
[2012-12-28 18:24:38 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg11\rnupgagent.exe
[2013-01-04 18:24:41 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg12\rnupgagent.exe
[2013-03-27 18:26:09 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg13\rnupgagent.exe
[2013-05-06 17:47:39 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg14\rnupgagent.exe
[2013-06-18 18:55:30 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg15\rnupgagent.exe
[2013-09-04 19:16:23 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg16\rnupgagent.exe
[2013-09-30 19:16:28 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg17\rnupgagent.exe
[2013-10-10 19:16:38 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg18\rnupgagent.exe
[2013-10-31 17:47:06 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg19\rnupgagent.exe
[2009-07-08 15:58:01 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg2\realplayer11gold.exe
[2013-11-25 17:46:50 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg20\rnupgagent.exe
[2013-12-06 17:46:42 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg21\rnupgagent.exe
[2014-09-15 18:28:20 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg22\rnupgagent.exe
[2014-09-27 18:28:24 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg23\rnupgagent.exe
[2014-10-04 18:28:28 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg24\rnupgagent.exe
[2009-07-15 16:36:26 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg3\realplayer11gold.exe
[2012-08-15 20:07:11 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2012-09-30 07:32:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2012-10-09 16:23:43 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg6\rnupgagent.exe
[2012-10-16 16:23:46 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg7\rnupgagent.exe
[2012-10-27 16:23:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg8\rnupgagent.exe
[2012-11-03 18:23:58 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\temp\~Upg9\rnupgagent.exe
[2014-09-15 18:28:20 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
[2014-09-16 17:41:37 | 001,067,216 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\stub_exe\RealPlayerCloud.exe
[2011-12-30 13:11:46 | 037,351,744 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Milan Obešlo\AppData\Roaming\Samsung\AllShare\AllShare_2.1.0.11123_8.exe
[2014-11-26 16:48:19 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe
[2014-02-08 10:37:44 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014-04-29 16:28:46 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014-05-15 16:32:09 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014-06-13 16:51:16 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014-07-02 17:22:58 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
[2014-09-18 16:59:42 | 001,414,992 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_33870.exe
[2014-09-23 17:27:27 | 001,416,016 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_34024.exe
[2014-10-08 18:29:22 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2014-10-28 09:44:59 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014-11-26 16:48:19 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008-12-23 20:42:01 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006-11-02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006-11-02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006-11-02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2015-01-19 15:25:14 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys

< %systemroot%\system32\*.* /3 >
[2015-01-19 17:24:44 | 000,004,432 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015-01-19 17:24:44 | 000,004,432 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015-01-18 16:35:28 | 000,137,762 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2015-01-18 16:35:28 | 000,119,840 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2015-01-18 16:35:28 | 000,645,076 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2015-01-18 16:35:28 | 000,634,274 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2015-01-18 16:35:28 | 001,509,614 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008-01-19 08:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"ISUSPM Startup" = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup -- [2005-08-11 15:30:30 | 000,249,856 | ---- | M] (Macrovision Corporation)
"Google Update" = "C:\Users\Milan Obešlo\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2014-10-23 15:24:07 | 000,107,912 | ---- | M] (Google Inc.)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007-09-02 12:58:52 | 000,495,616 | ---- | M] ()
"uTorrent" = "C:\Users\Milan Obešlo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED -- [2014-11-26 16:48:19 | 001,385,808 | ---- | M] (BitTorrent Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015-01-19 17:29:49 | 000,000,512 | ---- | M] () MD5=D0CC59BE4D65B90D1BEC9FF9014B4419 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2005-03-08 10:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Bumpmap\Cracks.cpt
[2005-03-08 10:30:58 | 000,016,068 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Canvas\cracks2c.pcx
[2005-03-08 10:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Custom Data\Tiles\CRACKS2M.CPT
[2002-12-18 16:10:46 | 000,092,827 | ---- | M] () -- \Program Files\Custom Data\Bumpmap\Cracks.cpt
[2002-12-16 17:44:50 | 000,016,068 | ---- | M] () -- \Program Files\Custom Data\Canvas\cracks2c.pcx
[2002-12-16 17:44:30 | 000,010,560 | ---- | M] () -- \Program Files\Custom Data\Tiles\CRACKS2M.CPT
[2004-06-01 18:21:38 | 000,002,394 | ---- | M] () -- \ProgramData\IMSIDesign\TurboFLOORPLAN Dum & Interiér & Zahrada Pro\Textury\Natures Gallery Greige Crackle.jpg
[2004-06-01 18:21:38 | 000,002,394 | ---- | M] () -- \Users\All Users\IMSIDesign\TurboFLOORPLAN Dum & Interiér & Zahrada Pro\Textury\Natures Gallery Greige Crackle.jpg
[2009-03-08 16:43:40 | 000,011,538 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Arabian Dance (Nutcracker).mid
[2009-03-08 16:43:40 | 000,004,947 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Chinese Dance (Nutcracker).mid
[2009-03-08 16:43:42 | 000,009,773 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Dance of the Reed Flutes (Nutcracker).mid
[2009-03-08 16:43:40 | 000,007,726 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Dance of the Sugar-Plum Fairy (Nutcracker).mid
[2009-10-04 17:56:04 | 000,127,171 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - from Nutcracker Suite March Intermezzo Trepak & Andante Maestoso (Sychev02).mid
[2009-03-08 16:43:40 | 000,011,355 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - March (Nutcracker).mid
[2010-04-29 07:58:54 | 000,117,860 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Nutcracker Suite Op-71a.mid
[2009-03-08 16:43:40 | 000,016,276 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Overture (Nutcracker).mid
[2009-03-08 16:43:40 | 000,007,163 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Russian Dance (Nutcracker).mid
[2010-04-29 08:01:40 | 000,088,841 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - The Nutcracker for Solo Piano.mid
[2009-03-08 16:43:42 | 000,025,917 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Waltz of the Flowers (Nutcracker).mid
[2010-04-12 20:05:20 | 000,029,068 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh\2.1.2.30_0\audio\Tchaikovsky - Waltz Of The Flowers From The Nutcracker.mid
[2009-05-13 18:24:19 | 000,006,186 | R--- | M] () -- \Users\Milan Obešlo\AppData\Local\VirtualStore\Program Files\BitComet\torrents\Easy.CD-DA.Extractor.10.5.1 + CRACK.torrent
[2009-05-12 18:25:24 | 000,004,925 | R--- | M] () -- \Users\Milan Obešlo\AppData\Local\VirtualStore\Program Files\BitComet\torrents\EASY.CD.-.DA.EXTRACTOR.Vers.10.0.4.2.MULTILANGUAGE.+.Crack.[www.miragetorrent.com].torrent
[2009-04-13 12:52:28 | 000,032,380 | R--- | M] () -- \Users\Milan Obešlo\AppData\Local\VirtualStore\Program Files\BitComet\torrents\KitchenDraw 5.0 + catalogo formas + crack.programa_de_dibujo.by sanmi.torrent
[2008-12-27 14:09:12 | 000,012,982 | R--- | M] () -- \Users\Milan Obešlo\AppData\Local\VirtualStore\Program Files\BitComet\torrents\Pro.100.v.4.16.ISO.incl.Crack-WOyTHeCK.torrent

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2007-06-27 18:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2005-11-10 13:28:10 | 000,126,976 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite 13\Programs\PCULoader.exe
[2007-11-06 17:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA SPORTS\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007-10-23 09:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA SPORTS\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2008-10-15 13:35:34 | 000,030,000 | ---- | M] () -- \Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
[2000-01-01 01:00:00 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{419C0B05-A79E-44AD-8BAD-6E9F9FB400DA}\ExtensionLoader.dll
[2012-11-01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012-09-04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2008-10-08 18:16:46 | 000,291,840 | ---- | M] () -- \Program Files\RajcePhotoDownloader\RajcePhotoDownloader.exe
[2012-11-30 14:22:10 | 000,251,793 | ---- | M] () -- \Program Files\RealNetworks\RealDownloader\downloader.vs
[2010-02-10 17:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2013-01-12 10:52:43 | 000,002,535 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2012-06-27 20:00:21 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012-06-27 20:00:21 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012-11-29 20:30:58 | 000,013,246 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012-11-29 20:10:16 | 000,000,319 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012-11-29 20:35:38 | 000,002,584 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2013-01-12 10:52:43 | 000,002,535 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2012-06-27 20:00:21 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012-06-27 20:00:21 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012-11-29 20:30:58 | 000,013,246 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012-11-29 20:10:16 | 000,000,319 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012-11-29 20:35:38 | 000,002,584 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012-07-11 20:23:10 | 000,005,085 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MLMDGK23\preloader[1].gif
[2014-09-14 19:57:32 | 000,000,404 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PVI4EC8T\loader[1].gif
[2000-01-01 01:00:00 | 001,168,672 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\Temp\7zS711.tmp\GFExperience\ExtensionLoader.dll
[2010-05-22 19:28:48 | 000,000,679 | ---- | M] () -- \Users\Milan Obešlo\AppData\Roaming\Microsoft\Windows\Start Menu\Rajce Photo Downloader.lnk
[2010-05-22 19:28:48 | 000,001,927 | ---- | M] () -- \Users\Public\Desktop\Rajce Photo Downloader.lnk
[2008-01-19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008-04-19 11:58:21 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008-04-19 11:58:21 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008-04-19 11:58:21 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009-07-01 16:40:46 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009-07-01 16:40:48 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009-07-01 16:40:50 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008-04-19 11:57:01 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008-04-19 11:57:01 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008-02-29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008-02-29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008-02-29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008-02-29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008-02-29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008-02-29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008-02-29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008-02-29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008-02-29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008-02-29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008-02-29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008-02-29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008-02-29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008-02-29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008-01-19 03:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008-02-29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008-02-29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008-01-18 23:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008-02-29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008-02-29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009-04-10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006-11-02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008-01-18 23:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006-11-02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008-01-19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008-01-19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2009-06-06 16:07:45 | 000,039,760 | ---- | M] () -- \Users\Milan Obešlo\AppData\Local\VirtualStore\Program Files\BitComet\rules\dhtnodes.dat

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012-01-19 20:33:35 | 001,631,906 | ---- | M] () -- \!!!Filmy 1\01-bijouterrier-intro_uryvok_zo_serialu_doma_na_poradku.mp3
[2006-06-05 23:18:29 | 006,493,959 | ---- | M] () -- \!!!Filmy 1\13 - Serial killer.mp3
[2005-06-07 20:11:18 | 000,000,018 | ---- | M] () -- \_Install\Grafika\AcdSEE.31\_serial.txt
[2003-11-07 14:44:04 | 000,006,844 | ---- | M] () -- \_Install\Office\SERIAL.NFO
[2011-01-19 14:28:48 | 000,270,336 | ---- | M] () -- \Program Files\KASTNER software\FORM studio CZ\ManagerISDS.XmlSerializers.dll
[2014-05-13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014-07-24 19:01:46 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014-06-23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014-10-15 17:06:37 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0c230d2ecb6492180563ea1811cae3d6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014-10-15 17:07:00 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0da6b8070bd799d25d8a0add408201e8\System.Runtime.Serialization.ni.dll
[2015-01-18 16:36:34 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015-01-18 16:36:34 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015-01-18 16:39:05 | 002,855,424 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
[2015-01-18 16:39:05 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll.aux
[2015-01-18 21:20:30 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015-01-18 21:20:30 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2014-04-12 00:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll.x86
[2014-04-12 00:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2013-09-11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014-04-12 00:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014-04-11 23:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014-04-11 23:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013-09-11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014-04-11 23:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014-07-23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014-04-11 23:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014-04-11 23:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014-06-23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014-07-23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014-04-12 00:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014-04-11 23:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014-04-11 23:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014-04-11 23:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014-04-11 23:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014-04-11 23:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013-09-11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013-09-11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008-01-19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2007-01-08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2008-01-19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2007-01-08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2007-01-08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008-01-19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006-11-02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006-11-02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008-01-19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006-11-02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006-11-02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008-01-19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2009-07-01 16:40:54 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009-07-01 16:40:54 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008-04-19 11:57:07 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2009-07-01 16:41:49 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006-11-02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008-06-23 03:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008-06-23 03:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008-01-18 23:05:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008-06-23 03:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2008-06-23 02:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2009-04-10 23:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010-04-12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012-10-08 17:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2014-07-01 23:20:17 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af.manifest
[2014-07-14 02:48:49 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4.manifest
[2010-04-12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012-10-08 16:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2014-07-01 22:23:31 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499.manifest
[2014-07-14 01:50:45 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f.manifest
[2007-01-08 22:01:12 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006-11-02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008-06-23 03:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008-08-14 06:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008-06-23 03:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008-08-14 06:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008-01-19 03:14:26 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008-06-23 03:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008-08-14 09:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008-06-23 03:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008-08-14 08:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009-04-11 10:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010-04-12 23:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010-04-12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012-10-08 20:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012-10-08 17:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2014-07-02 00:14:29 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9.manifest
[2014-07-01 23:10:09 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_en-us_bac925a3037d5bdb.manifest
[2014-07-14 04:31:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_cs-cz_5fadd966c7d0f6de.manifest
[2014-07-14 02:42:29 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_en-us_baca537d037c41f0.manifest
[2010-04-12 23:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010-04-12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012-10-08 17:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012-10-08 16:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2014-07-02 00:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3.manifest
[2014-07-01 22:17:43 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_en-us_a3fb510b1d24efc5.manifest
[2014-07-14 04:15:40 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_cs-cz_48dfee06e178a469.manifest
[2014-07-14 01:39:45 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_en-us_a3fc681d1d23ef7b.manifest
[2006-11-02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008-06-23 03:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008-06-23 03:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008-01-18 23:04:20 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008-06-23 03:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2008-06-23 02:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2009-04-10 23:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010-04-12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012-10-08 17:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2014-07-01 23:20:09 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2.manifest
[2014-07-14 02:48:41 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7.manifest
[2010-04-12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012-10-08 16:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2014-07-01 22:23:24 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc.manifest
[2014-07-14 01:50:38 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582.manifest
[2006-11-02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008-01-18 23:01:04 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009-04-10 23:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006-11-02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006-11-02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008-06-23 03:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008-06-23 03:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008-01-18 23:13:44 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008-06-23 03:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2008-06-23 03:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2009-04-10 23:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010-04-12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012-10-08 17:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2014-07-01 23:21:17 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24.manifest
[2014-07-14 02:49:45 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239.manifest
[2010-04-12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012-10-08 16:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2014-07-01 22:24:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e.manifest
[2014-07-14 01:51:36 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4.manifest
[2006-10-20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008-07-27 19:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008-07-27 18:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008-01-05 12:26:58 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008-07-27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008-07-27 18:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009-03-30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2014-06-23 23:18:10 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.19134_none_47f18f01241f2064\System.Runtime.Serialization.Formatters.Soap.dll
[2014-06-23 23:18:07 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.23436_none_3123ba693dc6b44e\System.Runtime.Serialization.Formatters.Soap.dll
[2007-01-08 22:03:07 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-01-05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.19134_cs-cz_011aa56d1db7295d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.23436_cs-cz_ea4cd0d5375ebd47\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006-11-02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008-06-20 02:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008-06-20 02:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008-01-05 12:21:39 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008-06-20 02:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2008-06-20 02:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2009-02-18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010-04-12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012-10-08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2014-06-26 23:17:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af\System.Runtime.Serialization.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19142_none_d20292adb884d6c4\System.Runtime.Serialization.dll
[2010-04-12 13:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012-10-08 11:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2014-06-20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499\System.Runtime.Serialization.dll
[2014-07-10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23445_none_bb34a74dd22c844f\System.Runtime.Serialization.dll
[2007-01-08 22:05:25 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008-01-05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19142_cs-cz_5fadd966c7d0f6de\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23445_cs-cz_48dfee06e178a469\System.RunTime.Serialization.Resources.dll
[2006-11-02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008-06-20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008-06-20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008-01-05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008-06-20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2008-06-20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2009-02-18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010-04-12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012-10-08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2014-06-26 23:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2\System.Runtime.Serialization.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19142_none_0245c847e02bd7f7\System.Runtime.Serialization.dll
[2010-04-12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012-10-08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2014-06-20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc\System.Runtime.Serialization.dll
[2014-07-10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23445_none_eb77dce7f9d38582\System.Runtime.Serialization.dll
[2007-01-08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008-01-19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2007-01-08 22:04:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-01-05 12:27:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008-09-15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_c1f65f0fa8912fae\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-03-31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_c282003ac1acfc74\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007-01-08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2007-01-08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2006-11-02 10:46:12 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6000.16386_none_f2cadf9221bfabe5\serialui.dll
[2008-01-19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008-01-19 08:36:21 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2007-01-08 22:05:22 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008-01-05 12:27:23 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008-08-12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_5f3e06ad4fb9f5eb\System.RunTime.Serialization.Resources.dll
[2009-02-19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_5fc9a7d868d5c2b1\System.RunTime.Serialization.Resources.dll
[2007-01-08 22:03:22 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008-01-19 06:49:35 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2007-01-08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008-01-19 06:49:33 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006-11-02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008-06-20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008-06-20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008-01-05 12:21:38 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008-06-20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2008-06-20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2009-02-18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010-04-12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012-10-08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2014-06-26 23:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24\System.Runtime.Serialization.dll
[2014-07-09 23:14:57 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19142_none_0720741521027239\System.Runtime.Serialization.dll
[2010-04-12 13:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012-10-08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
[2014-06-20 23:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e\System.Runtime.Serialization.dll
[2014-07-10 23:16:50 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23445_none_f05288b53aaa1fc4\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:15B79D44
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:59756FA4

< End of report >

Red Fin · #21 Příspěvek od **Red Fin** » 19 led 2015 18:23

OTL Extras logfile created on: 2015-01-19 17:27:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milan Obešlo\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: yyyy-MM-dd

3.25 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 42.49% Memory free
6.72 Gb Paging File | 4.80 Gb Available in Paging File | 71.49% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205.68 Gb Total Space | 65.30 Gb Free Space | 31.75% Space Free | Partition Type: NTFS
Drive E: | 725.83 Gb Total Space | 549.69 Gb Free Space | 75.73% Space Free | Partition Type: NTFS
Drive F: | 149.05 Gb Total Space | 29.32 Gb Free Space | 19.67% Space Free | Partition Type: NTFS
Drive N: | 465.76 Gb Total Space | 86.75 Gb Free Space | 18.63% Space Free | Partition Type: NTFS

Computer Name: PCQUAD | User Name: Milan Obešlo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{599894EB-0FD9-4ACC-82C3-83382AD91F94}" = lport=4114 | protocol=6 | dir=in | name=dccz++ |
"{FE52E829-EFEB-444C-843B-49EAA6024801}" = lport=1158 | protocol=6 | dir=in | name=dccz++ |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16931813-74FB-47C0-8910-5FF6A96A91C6}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{8A9F125F-FC49-4C55-A038-D2DA6F98F5A8}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{978B8ABD-3C53-48B7-BC58-D4A89CC23AF8}" = protocol=6 | dir=in | app=c:\users\milan obešlo\appdata\roaming\utorrent\utorrent.exe |
"{A5C33381-3D1D-4154-8FDC-1538015CF1C0}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{BE4F8BF8-DA27-4FB5-B52C-A3602E62A865}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{DA61A606-27B1-490A-8A03-4DA8F45E9F35}" = protocol=6 | dir=in | app=c:\users\milan obešlo\appdata\roaming\utorrent\utorrent.exe |
"{E8E69E9C-E02C-4713-B5AF-E93B5E12323F}" = protocol=17 | dir=in | app=c:\users\milan obešlo\appdata\roaming\utorrent\utorrent.exe |
"{FEB1E834-2484-415A-B475-9E7F7C7423D5}" = protocol=17 | dir=in | app=c:\users\milan obešlo\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{2EC74109-786D-4A3C-9C86-1B8D726E5E22}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=6 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |
"TCP Query User{4961EDF6-285C-4EA4-B712-0B8B6BFE9B61}C:\program files\gigabyte\energysaver\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files\gigabyte\energysaver\gbtupd.exe |
"TCP Query User{4DEF16DB-4570-4E43-A6D6-2AE24A1BB83D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{71F88F4C-8560-479E-B903-2EED35A0E91B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{8FD6D9EE-B13C-47EA-BEA5-DDD6F5217151}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=6 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |
"TCP Query User{A0112181-9719-4772-A29A-66C68CB01870}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{C280CCA3-43E6-4D8A-9A23-4DE127FBA2F8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D9139E33-8618-47EF-810A-063A50BE67C3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{2A99A56B-777C-426E-A3E3-744EC6547D7C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2B460883-5C5D-464F-86FA-8BC53B04D433}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{3599B9A6-EB1B-49D9-8EB2-9BB6BD21FBBC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{37551712-14F6-4B7F-A0C9-35B73B561AFD}C:\program files\gigabyte\energysaver\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files\gigabyte\energysaver\gbtupd.exe |
"UDP Query User{55424CA2-84D0-4728-BCFB-B05BFE6E5E71}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{AD4891B2-449F-4F20-BC28-1A9188E7AB05}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=17 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |
"UDP Query User{B96F546C-B60E-4DA0-B796-D49F0DFF13AB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{DDFD1507-8984-438A-B81A-19A8B15B38A4}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=17 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{636C0A11-5367-4A50-B311-98EE1889341C}" = Pro100 v4.51
"{65883ddf-2152-4cb7-8e13-b99194b13498}" = Nero BackItUp
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F541C8-EB78-4606-8234-0955ED803787}" = TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12
"{75c53f52-398b-4d66-b28a-f9ef170b3b34}" = Nero BackItUp
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B9.0904.1
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E9E145D-ACC5-47D4-9EB9-BAE9A1892A7D}" = Tajima DG/ML By Pulse Ambassador
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Essentials
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5457401-D56A-43F2-9524-78E54A7FC07A}" = SlimDrivers
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.13) - Czech
"{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd
"{ADB1EEBA-43DD-40C5-B753-F476158EA85E}" = WinFast DTV1800 H Driver
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B74C2C9C-53F5-42C7-AC99-A581B7B0684C}" = ESET NOD32 Antivirus
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BA52A7B6-4068-4B4A-A215-1A97482FA645}" = Document Express DjVu Plug-in
"{BA58C040-B206-41BB-92CF-D0A2975477BB}" = Mariáš 3.1
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BE9880CD-73A9-4EFD-83E5-4BB38D48E2BD}" = Tisk HP Smart Web
"{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help
"{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200
"{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}" = Logitech Gaming Software 5.01
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9C98621-6BFB-4C21-B64D-ACBDE49C2208}" = PE-DESIGN Ver7
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CB4AA454-DCF6-47EB-B1EC-3CBFFDBFC96D}" = SPAMfighter
"{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}" = CZ
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D72601C5-3960-4093-8DC0-6A4C44553A56}" = VideoMate X-Series Driver
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{fb3afdce-bca3-46a8-bd1b-83473d7ef62a}" = Nero BackItUp 4 Essentials
"{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avidemux 2.5" = Avidemux 2.5
"CCleaner" = CCleaner
"DVDx_is1" = DVDx
"Easy CD-DA Extractor 16" = Easy CD-DA Extractor 16
"Easy CD-DA Extractor 2010" = Easy CD-DA Extractor 2010
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Family Tree Builder" = MyHeritage Family Tree Builder
"Free MP3 Cutter and Editor_is1" = Free MP3 Cutter and Editor 2.6
"FSCZ_is1" = FORM studio
"Gadwin PrintScreen" = Gadwin PrintScreen
"Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"InstallShield_{8E9E145D-ACC5-47D4-9EB9-BAE9A1892A7D}" = Tajima DG/ML By Pulse Ambassador
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"IrfanView" = IrfanView (remove only)
"JPEG Resampler_is1" = JPEG Resampler Vs 5.0
"KitchenDraw 4.5" = KitchenDraw 4.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Basic
"KWorld DVBT 100 BDA Driver_is1" = KWorld DVBT 100 BDA Driver
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.2 (x86 cs)" = Mozilla Firefox 10.0.2 (x86 cs)
"MPEG Video Wizard DVD" = MPEG Video Wizard DVD
"MSConfig CleanUp_is1" = MSConfig CleanUp 1.2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Opera 12.00.1467" = Opera 12.00
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.8
"PowerISO" = PowerISO
"PRO100 Demo verze 5_is1" = PRO100 verze 5.20 Demo
"Qliner Hotkeys" = Qliner Hotkeys 2.0
"RajcePhotoDownloader_is1" = RajcePhotoDownloader
"RealPlayer 16.0" = RealPlayer
"Recepturní systém SATURNIN - RTP" = Recepturní systém SATURNIN - RTP
"Revo Uninstaller" = Revo Uninstaller 1.95
"RocketDock_is1" = RocketDock 1.3.5
"Rodokmen Pro_is1" = Rodokmen Pro 2.1.1
"Shop for HP Supplies" = Shop for HP Supplies
"SPAMfighter" = SPAMfighter
"Totalcmd" = Total Commander (Remove or Repair)
"TSR Watermark Image - Free version_is1" = TSR Watermark Image software version 2.3.1.7 - Free version
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2015-01-16 11:46:55 | Computer Name = PCquad | Source = WinDefendRtp | ID = 3003
Description = Kontrolní bod ochrany v reálném čase programu %%827 zjistil chybu
a nepodařilo se jej spustit. Uživatel: PCquad\Milan Obešlo Kontrolní bod: 1 Kód chyby:
0x80070005 Popis chyby: Přístup byl odepřen.

Error - 2015-01-16 11:47:06 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 2015-01-17 03:19:10 | Computer Name = PCquad | Source = WinDefendRtp | ID = 3003
Description = Kontrolní bod ochrany v reálném čase programu %%827 zjistil chybu
a nepodařilo se jej spustit. Uživatel: PCquad\Milan Obešlo Kontrolní bod: 1 Kód chyby:
0x80070005 Popis chyby: Přístup byl odepřen.

Error - 2015-01-17 03:19:20 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 2015-01-17 08:17:18 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 2015-01-18 03:22:42 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 2015-01-18 12:52:34 | Computer Name = PCquad | Source = EventSystem | ID = 4621
Description =

Error - 2015-01-18 12:55:56 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 2015-01-18 13:36:02 | Computer Name = PCquad | Source = Application Hang | ID = 1002
Description = Program WinMail.exe verze 6.0.6001.18000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 1300 Čas zahájení: 01d03344f33eb42d Čas ukončení: 11

Error - 2015-01-19 10:26:30 | Computer Name = PCquad | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ Media Center Events ]
Error - 2015-01-13 10:44:24 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-14 10:35:47 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-15 09:58:25 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-15 10:31:59 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-16 11:47:21 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-17 03:20:12 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-17 08:18:11 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-18 03:23:23 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-18 12:56:49 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

Error - 2015-01-19 10:27:19 | Computer Name = PCquad | Source = ehRecvr | ID = 4
Description =

[ System Events ]
Error - 2015-01-17 08:15:33 | Computer Name = PCquad | Source = Service Control Manager | ID = 7031
Description =

Error - 2015-01-17 08:15:33 | Computer Name = PCquad | Source = Service Control Manager | ID = 7031
Description =

Error - 2015-01-17 08:17:13 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-17 08:17:13 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-18 03:22:18 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-18 03:22:18 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-18 12:55:34 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-18 12:55:34 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-19 10:26:17 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

Error - 2015-01-19 10:26:17 | Computer Name = PCquad | Source = Service Control Manager | ID = 7000
Description =

< End of report >

#22 Příspěvek od **Márty84** » 19 led 2015 19:07

Napiste mi velikost adresare plochy (C:\Users\Milan Obešlo\Plocha)

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
sp_rsdrv2
AdobeARMservice
Nero BackItUp Scheduler 4.0
sp_rssrv
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{85376FE6-FC64-4267-9B06-0829C1319430}.job
C:\Windows\system32\drivers\sp_rsdrv2.sys
C:\Program Files\Spyware Terminator

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60327
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60327
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\InprocServer32 File not found
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes,DefaultScope = {C7809953-FDE8-44ff-8C3F-88E7488CB898}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1000\..\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\InprocServer32 File not found
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60327
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
[2012-06-20 17:10:42 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru
[2013-06-22 07:22:21 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru
[2012-05-09 18:05:58 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru
[2008-01-23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
CHR - plugin: BitCometAgent (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2124181350-2115944497-1007344975-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
[2015-01-17 16:38:09 | 020,447,072 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Milan Obešlo\Desktop\mbam-setup-2.0.4.1028.exe
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2009-11-15 11:18:37 | 000,000,000 | ---D | M] -- C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator
[16 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[240 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:15B79D44
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:59756FA4

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=-
"NBKeyScan"=-
"TkBellExe"=-
"seznam-listicka-distribuce"=-
"sfagent"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"uTorrent"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Red Fin · #23 Příspěvek od **Red Fin** » 19 led 2015 19:19

Plocha 264 MB

#24 Příspěvek od **Márty84** » 19 led 2015 19:20

OK, to jde.

Red Fin · #25 Příspěvek od **Red Fin** » 19 led 2015 19:30

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: Desktop

User: Milan Obealo

User: Milan Obešlo
->Temp folder emptied: 1561537634 bytes
->Java cache emptied: 319942 bytes
->FireFox cache emptied: 184491386 bytes
->Google Chrome cache emptied: 415140947 bytes
->Opera cache emptied: 14500584 bytes
->Flash cache emptied: 134050 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 30277096 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5168599382 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 7183237885 bytes

Total Files Cleaned = 13,884.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Desktop

User: Milan Obealo

User: Milan Obešlo
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service sp_rsdrv2 stopped successfully!
Service sp_rsdrv2 deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service sp_rssrv stopped successfully!
Service sp_rssrv deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2124181350-2115944497-1007344975-1000UA.job moved successfully.
C:\Windows\tasks\User_Feed_Synchronization-{85376FE6-FC64-4267-9B06-0829C1319430}.job moved successfully.
C:\Windows\system32\drivers\sp_rsdrv2.sys moved successfully.
C:\Program Files\Spyware Terminator folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry value HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ deleted successfully.
HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7809953-FDE8-44ff-8C3F-88E7488CB898}\ not found.
Registry value HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\ not found.
HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C7809953-FDE8-44ff-8C3F-88E7488CB898}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7809953-FDE8-44ff-8C3F-88E7488CB898}\ not found.
Prefs.js: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1 removed from extensions.enabledItems
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\skin\css folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\skin folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\zh-CN folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\tr-TR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\sv-SE folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\sr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\ru folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\ro folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\pt-BR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\pl folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\fr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\en folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale\de folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\locale folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru\content folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(44).ru folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\skin\css folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\skin folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\zh-CN folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\tr-TR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\sv-SE folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\sr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\ru folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\ro folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\pt-BR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\pl folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\fr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\en folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale\de folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\locale folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru\content folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(45).ru folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\skin\css folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\skin folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\zh-CN folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\tr-TR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\sv-SE folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\sr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\ru folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\ro folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\pt-BR folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\pl folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\fr folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\en folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale\de folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\locale folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru\content folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Mozilla\Firefox\Profiles\p3yzb4q6.default\extensions\ALone-live@ya(72).ru folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll moved successfully.
File C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-2124181350-2115944497-1007344975-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
C:\Users\Milan Obešlo\Desktop\mbam-setup-2.0.4.1028.exe moved successfully.
C:\ProgramData\xml3018.tmp deleted successfully.
C:\ProgramData\xml30C6.tmp deleted successfully.
C:\ProgramData\xmlD42F.tmp deleted successfully.
C:\ProgramData\xmlD802.tmp deleted successfully.
C:\ProgramData\xmlD8CF.tmp deleted successfully.
C:\ProgramData\xmlE2D3.tmp deleted successfully.
C:\ProgramData\xmlE5F2.tmp deleted successfully.
C:\ProgramData\xmlE680.tmp deleted successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator\Reports folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator\LanguageAct folder moved successfully.
C:\Users\Milan Obešlo\AppData\Roaming\Spyware Terminator folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217E.tmp\System.ServiceModel.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2710.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP386A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EEA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F9A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP85A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB2C8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB74D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9DC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE65.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7D4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEB76.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\Installer\MSI19A0.tmp deleted successfully.
C:\Windows\Installer\MSI1DB4.tmp deleted successfully.
C:\Windows\Installer\MSI36F6.tmp deleted successfully.
C:\Windows\Installer\MSI37C1.tmp deleted successfully.
C:\Windows\Installer\MSI390B.tmp deleted successfully.
C:\Windows\Installer\MSI485D.tmp deleted successfully.
C:\Windows\Installer\MSI52FC.tmp deleted successfully.
C:\Windows\Installer\MSI5805.tmp deleted successfully.
C:\Windows\Installer\MSID6D1.tmp deleted successfully.
C:\Windows\Installer\MSIE352.tmp deleted successfully.
C:\Windows\Installer\MSIE5DC.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\IH1BE1.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\IH9527.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\IHF202.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\IHF58C.tmp deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6000.16386_none_b1a5cca33386fc09\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
Unable to delete ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh .
ADS C:\ProgramData\TEMP:15B79D44 deleted successfully.
ADS C:\ProgramData\TEMP:59756FA4 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sfagent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01192015_192115

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#26 Příspěvek od **Márty84** » 19 led 2015 19:43

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remote disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

Red Fin · #27 Příspěvek od **Red Fin** » 19 led 2015 20:19

Zatím ještě defragmentuje, co s karanténou v malweru ?
Nebo odinstalovat a neřešit to a ty zbylé nástroje taky odinstalovat ? mám revo unistaller.

#28 Příspěvek od **Márty84** » 20 led 2015 11:01

Karantenu muzete nechat tak, nebo vymazat. Pripadne MBAM odinstalovat, tim se vymaze i karantena s jejim obsahem.

Co tam jeste zbylo k odinstalovani?

Red Fin · #29 Příspěvek od **Red Fin** » 20 led 2015 15:33

OK, zbyl tam jen del fix, ale ten už jsem odstranil.
Jinak PC vypadá v kondici, tak díky za ochotu a trpělivost.

#30 Příspěvek od **Márty84** » 20 led 2015 19:40

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu