Vypínání antiviru a zpomalení PC

Zpráva

kokopraise · #1 Příspěvek od **kokopraise** » 30 led 2015 02:39

Zdravím,

povedlo se mi natáhnout do PC nějakou havěť, která mi teď vypíná antivir, firewall a ještě navíc zpomaluje Pc.
Přikládám Log . díky předem

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:25:08, on 30.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!

FIREFOX: 34.0.5 (x86 cs)
Boot mode: Normal

Running processes:
C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Users\Pavel\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=v ... net_150130
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9630 bytes

kokopraise · #2 Příspěvek od **kokopraise** » 30 led 2015 02:48

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Pavel (administrator) on PAVEL-PC on 30-01-2015 02:45:45
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [uTorrent] => C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-21] (BitTorrent Inc.)
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\MountPoints2: {737d350d-26cc-11e3-9141-902b34957c42} - J:\autorun\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1652633647-405593163-2038319680-1000] => :0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=v ... net_150130
SearchScopes: HKU\S-1-5-21-1652633647-405593163-2038319680-1000 -> DefaultScope {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/resul ... earchTerms}
SearchScopes: HKU\S-1-5-21-1652633647-405593163-2038319680-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5205
SearchScopes: HKU\S-1-5-21-1652633647-405593163-2038319680-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/resul ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-1652633647-405593163-2038319680-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\tije5ak8.default
FF NewTab: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150130
FF DefaultSearchEngine: Ad-Aware SecureSearch
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Ad-Aware SecureSearch
FF Homepage: hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150130
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\tije5ak8.default\searchplugins\securesearch.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-04]
FF HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
CHR Extension: (Avast Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-20]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [mciekghplkkgcmofonmkmlomhkamochd] - C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146272 2014-11-04] (Crawler.com)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-11] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-11-08] (Windows (R) Win 7 DDK provider)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 02:45 - 2015-01-30 02:45 - 00018871 _____ () C:\Users\Pavel\Desktop\FRST.txt
2015-01-30 02:45 - 2015-01-30 02:45 - 00000000 ____D () C:\FRST
2015-01-30 02:44 - 2015-01-30 02:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(1).exe
2015-01-30 02:43 - 2015-01-30 02:43 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-30 02:43 - 2015-01-30 02:43 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\Nepotvrzeno 998776.crdownload
2015-01-30 02:42 - 2015-01-30 02:42 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\Nepotvrzeno 557693.crdownload
2015-01-30 02:41 - 2015-01-30 02:41 - 02130432 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2015-01-30 02:31 - 2015-01-30 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-01-30 02:31 - 2015-01-30 02:31 - 00000000 ____D () C:\ProgramData\ESET
2015-01-30 02:31 - 2015-01-30 02:31 - 00000000 ____D () C:\Program Files\ESET
2015-01-30 02:27 - 2015-01-30 02:30 - 00001634 _____ () C:\Users\Pavel\Desktop\Rkill.txt
2015-01-30 02:27 - 2015-01-30 02:27 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Pavel\Downloads\rkill.com
2015-01-30 02:25 - 2015-01-30 02:25 - 00009631 _____ () C:\Users\Pavel\Downloads\hijackthis.log
2015-01-30 02:24 - 2015-01-30 02:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2015-01-30 02:16 - 2015-01-30 02:18 - 73400320 _____ () C:\Users\Pavel\Downloads\eav_nt64_csy.msi
2015-01-30 02:01 - 2015-01-30 02:01 - 00000708 _____ () C:\Users\Pavel\Desktop\focení vlak – zástupce.lnk
2015-01-30 01:07 - 2015-01-30 01:07 - 00005096 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00002792 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00002792 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Lavasoft
2015-01-30 01:07 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-01-30 01:07 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-01-30 01:06 - 2015-01-30 01:49 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Lavasoft
2015-01-30 01:06 - 2015-01-30 01:06 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-01-30 01:05 - 2015-01-30 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-01-30 01:00 - 2015-01-30 01:07 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\LavasoftStatistics
2015-01-30 01:00 - 2015-01-30 01:00 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2015-01-30 00:58 - 2015-01-30 00:58 - 00937208 _____ (Crawler.com ) C:\Users\Pavel\Downloads\SpywareTerminatorSetup.exe
2015-01-30 00:57 - 2015-01-30 00:57 - 01924232 _____ () C:\Users\Pavel\Downloads\Adaware_Installer.exe
2015-01-30 00:52 - 2015-01-30 00:52 - 00880784 _____ (Google Inc.) C:\Users\Pavel\Downloads\ChromeSetup.exe
2015-01-30 00:42 - 2015-01-30 00:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Simply Super Software
2015-01-30 00:38 - 2015-01-30 00:38 - 00001109 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2015-01-30 00:38 - 2015-01-30 00:38 - 00000000 ____D () C:\Users\Pavel\Documents\Simply Super Software
2015-01-30 00:38 - 2015-01-30 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-30 00:38 - 2015-01-30 00:38 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-30 00:37 - 2015-01-30 00:38 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-30 00:37 - 2015-01-30 00:37 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-30 00:36 - 2015-01-30 00:36 - 21657592 _____ (Simply Super Software ) C:\Users\Pavel\Downloads\trjsetup.exe
2015-01-29 23:24 - 2015-01-29 23:24 - 00080021 _____ () C:\Users\Pavel\Downloads\Dragons.Dogma.Dark.Arisen.XBOX360-iMARS.torrent
2015-01-29 23:22 - 2015-01-29 23:22 - 00105695 _____ () C:\Users\Pavel\Downloads\EA_SPORTS_MMA_360-CCCLX.torrent
2015-01-29 23:22 - 2015-01-29 23:22 - 00105628 _____ () C:\Users\Pavel\Downloads\F9B56521B074C00D52CDB81E1D76AD938E79B204.torrent
2015-01-29 23:15 - 2015-01-29 23:15 - 00072878 _____ () C:\Users\Pavel\Downloads\Project_gotham_racing_4_xbox360 ccclx.torrent
2015-01-29 23:07 - 2015-01-29 23:07 - 00038936 _____ () C:\Users\Pavel\Downloads\Pure USA XBOX360 iMARS.torrent
2015-01-29 23:05 - 2015-01-29 23:05 - 00527257 _____ () C:\Users\Pavel\Downloads\Dark.Souls.II.XBOX360-iMARS.torrent
2015-01-29 23:04 - 2015-01-29 23:04 - 00167583 _____ () C:\Users\Pavel\Downloads\Arcania.The.Complete.Tale.XBOX360-COMPLEX.torrent
2015-01-29 22:59 - 2015-01-29 22:59 - 00667933 _____ () C:\Users\Pavel\Downloads\Sleeping.Dogs.XBOX360-SWAG.torrent
2015-01-29 21:26 - 2015-01-29 21:26 - 00070399 _____ () C:\Users\Pavel\Downloads\mostlymono.zip
2015-01-29 20:36 - 2015-01-29 20:36 - 00037708 _____ () C:\Users\Pavel\Downloads\short-stack.zip
2015-01-28 18:06 - 2015-01-28 18:06 - 03655511 _____ () C:\Users\Pavel\Downloads\2147499535 (1).zip
2015-01-28 18:01 - 2015-01-28 18:02 - 01116815 _____ () C:\Users\Pavel\Downloads\2147498593.zip
2015-01-28 18:00 - 2015-01-28 18:01 - 01741931 _____ () C:\Users\Pavel\Downloads\2147488856.zip
2015-01-28 17:59 - 2015-01-28 17:59 - 03655511 _____ () C:\Users\Pavel\Downloads\2147499535.zip
2015-01-28 17:44 - 2015-01-28 17:44 - 01945541 _____ () C:\Users\Pavel\Downloads\2147498594.zip
2015-01-28 17:34 - 2015-01-28 17:35 - 04761973 _____ () C:\Users\Pavel\Downloads\2147491427.zip
2015-01-27 10:48 - 2015-01-27 10:56 - 23495416 _____ () C:\Users\Pavel\Downloads\1276103136400_zcool.com.cn.rar
2015-01-27 10:39 - 2015-01-27 10:39 - 03390087 _____ () C:\Users\Pavel\Downloads\2147496323.zip
2015-01-25 12:39 - 2015-01-25 12:39 - 07787149 _____ () C:\Users\Pavel\Downloads\hitchcock.ai
2015-01-24 21:08 - 2015-01-24 21:08 - 01537076 _____ () C:\Users\Pavel\Downloads\2147500285 (1).zip
2015-01-24 21:05 - 2015-01-24 21:05 - 01537076 _____ () C:\Users\Pavel\Downloads\2147500285.zip
2015-01-24 19:53 - 2015-01-24 19:54 - 03906844 _____ () C:\Users\Pavel\Downloads\2147493159.zip
2015-01-24 17:47 - 2015-01-24 17:47 - 01026511 _____ () C:\Users\Pavel\Downloads\umbrella-vector-set.zip
2015-01-24 17:27 - 2015-01-24 17:29 - 01446158 _____ () C:\Users\Pavel\Downloads\1321242296456_zcool.com.cn.rar
2015-01-24 17:16 - 2015-01-24 17:16 - 01623795 _____ () C:\Users\Pavel\Downloads\trendy-dark-mens-suit-vector-graphic (1).zip
2015-01-24 17:14 - 2015-01-24 17:15 - 01623795 _____ () C:\Users\Pavel\Downloads\trendy-dark-mens-suit-vector-graphic.zip
2015-01-24 17:08 - 2015-01-24 17:08 - 00188600 _____ () C:\Users\Pavel\Downloads\businessman-character-set.zip
2015-01-24 17:00 - 2015-01-24 17:00 - 00719995 _____ () C:\Users\Pavel\Downloads\2147486538.zip
2015-01-24 16:56 - 2015-01-24 16:56 - 00003894 _____ () C:\Users\Pavel\Downloads\charlie.eps
2015-01-24 16:47 - 2015-01-24 16:47 - 00057598 _____ () C:\Users\Pavel\Downloads\2009100647.zip
2015-01-24 12:37 - 2015-01-24 12:37 - 02027115 _____ () C:\Users\Pavel\Downloads\cute-olws.zip
2015-01-24 12:34 - 2015-01-24 12:34 - 01007391 _____ () C:\Users\Pavel\Downloads\Halloween_02.zip
2015-01-23 19:28 - 2015-01-23 19:28 - 00025283 _____ () C:\Users\Pavel\Downloads\atmahoganyscript.zip
2015-01-23 19:20 - 2015-01-23 19:20 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (3).zip
2015-01-23 19:19 - 2015-01-23 19:20 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (2).zip
2015-01-23 19:19 - 2015-01-23 19:19 - 00099485 _____ () C:\Users\Pavel\Downloads\mtf_baseoutline_ttf.zip
2015-01-23 00:58 - 2015-01-23 00:59 - 00088369 _____ () C:\Users\Pavel\Downloads\fwd-_preklad_a_korektura.eml
2015-01-22 22:09 - 2015-01-22 22:09 - 04038864 _____ () C:\Users\Pavel\Downloads\2147492457.zip
2015-01-22 20:57 - 2015-01-22 20:57 - 01282574 _____ () C:\Users\Pavel\Downloads\2147490130.zip
2015-01-22 20:54 - 2015-01-22 20:54 - 01516662 _____ () C:\Users\Pavel\Downloads\2147498109.zip
2015-01-22 18:59 - 2015-01-22 18:59 - 01296811 _____ () C:\Users\Pavel\Downloads\2147500240 (1).zip
2015-01-22 18:54 - 2015-01-22 18:54 - 01296811 _____ () C:\Users\Pavel\Downloads\2147500240.zip
2015-01-22 18:54 - 2015-01-22 18:54 - 01030028 _____ () C:\Users\Pavel\Downloads\BIRD_IN_NEST.zip
2015-01-22 16:59 - 2015-01-22 16:59 - 18219168 _____ () C:\Users\Pavel\Downloads\BOTANICALSVINTAGE.zip
2015-01-21 00:30 - 2015-01-21 00:30 - 02412587 _____ () C:\Users\Pavel\Downloads\2147500647.zip
2015-01-21 00:27 - 2015-01-21 00:27 - 00939318 _____ () C:\Users\Pavel\Downloads\6336715.zip
2015-01-21 00:26 - 2015-01-21 00:26 - 01968684 _____ () C:\Users\Pavel\Downloads\7-tree-silhouettes.zip
2015-01-21 00:24 - 2015-01-21 00:24 - 05240278 _____ () C:\Users\Pavel\Downloads\2147496927.zip
2015-01-20 21:10 - 2015-01-20 21:10 - 03454354 _____ () C:\Users\Pavel\Downloads\2147492092.zip
2015-01-20 21:02 - 2015-01-20 21:02 - 00779500 _____ () C:\Users\Pavel\Downloads\2147493522.zip
2015-01-20 20:29 - 2015-01-20 20:29 - 02221571 _____ () C:\Users\Pavel\Downloads\682818.zip
2015-01-20 19:48 - 2015-01-20 19:48 - 02193320 _____ () C:\Users\Pavel\Downloads\2147496782.zip
2015-01-20 19:46 - 2015-01-20 19:46 - 02185465 _____ () C:\Users\Pavel\Downloads\2147486617.zip
2015-01-20 16:54 - 2015-01-20 16:56 - 59133100 _____ () C:\Users\Pavel\Downloads\Volume 01.rar
2015-01-20 16:50 - 2015-01-20 16:50 - 05060023 _____ () C:\Users\Pavel\Downloads\Guvernérove akváriá.rar
2015-01-20 16:43 - 2015-01-20 16:43 - 00012569 _____ () C:\Users\Pavel\Downloads\The_Walking_Dead.torrent
2015-01-20 16:42 - 2015-01-20 16:42 - 00059698 _____ () C:\Users\Pavel\Downloads\The_Walking_Dead.ep.1-5.torrent
2015-01-20 10:34 - 2015-01-20 10:34 - 01024405 _____ () C:\Users\Pavel\Downloads\2147493788.zip
2015-01-19 23:41 - 2015-01-19 23:41 - 00003490 _____ () C:\Users\Pavel\Downloads\phone37.eps
2015-01-19 23:38 - 2015-01-19 23:38 - 01886327 _____ () C:\Users\Pavel\Downloads\2147490624.zip
2015-01-19 23:29 - 2015-01-19 23:29 - 02058993 _____ () C:\Users\Pavel\Downloads\intro.zip
2015-01-19 23:15 - 2015-01-19 23:15 - 00196606 _____ () C:\Users\Pavel\Downloads\saf.zip
2015-01-18 19:53 - 2015-01-18 19:53 - 03988669 _____ () C:\Users\Pavel\Downloads\2147497421.zip
2015-01-18 19:51 - 2015-01-18 19:52 - 05860297 _____ () C:\Users\Pavel\Downloads\2147502750.zip
2015-01-18 19:46 - 2015-01-18 19:46 - 02383210 _____ () C:\Users\Pavel\Downloads\FreeVector.com-Amy-Winehouse-Vector-Graphics.zip
2015-01-18 19:39 - 2015-01-18 19:39 - 03170978 _____ () C:\Users\Pavel\Downloads\2147495385.zip
2015-01-18 19:31 - 2015-01-18 19:31 - 04598577 _____ () C:\Users\Pavel\Downloads\FreeVector-Amy-Winehouse-Vector.zip
2015-01-18 19:27 - 2015-01-18 19:27 - 00728457 _____ () C:\Users\Pavel\Downloads\682815.zip
2015-01-18 19:22 - 2015-01-18 19:22 - 00188019 _____ () C:\Users\Pavel\Downloads\afro1.zip
2015-01-18 19:04 - 2015-01-18 19:04 - 04035373 _____ () C:\Users\Pavel\Downloads\FreeVector-Free-Elvis-Presley-Vector.zip
2015-01-18 15:48 - 2015-01-18 15:48 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue (2).zip
2015-01-18 15:19 - 2015-01-18 15:19 - 02325727 _____ () C:\Users\Pavel\Downloads\2147496443 (1).zip
2015-01-18 14:57 - 2015-01-18 14:57 - 03733428 _____ () C:\Users\Pavel\Downloads\2147502810.zip
2015-01-17 23:13 - 2015-01-17 23:13 - 00045832 _____ () C:\Users\Pavel\Desktop\Splň si sny v SABANERO.html
2015-01-17 23:13 - 2015-01-17 23:13 - 00000000 ____D () C:\Users\Pavel\Desktop\Splň si sny v SABANERO_files
2015-01-17 22:54 - 2015-01-17 22:54 - 00037985 _____ () C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com.html
2015-01-17 22:54 - 2015-01-17 22:54 - 00000000 ____D () C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com_files
2015-01-17 22:20 - 2015-01-17 22:20 - 00019966 _____ () C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK.html
2015-01-17 22:20 - 2015-01-17 22:20 - 00000000 ____D () C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK_files
2015-01-17 22:15 - 2015-01-17 22:15 - 00019530 _____ () C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA.html
2015-01-17 22:15 - 2015-01-17 22:15 - 00000000 ____D () C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA_files
2015-01-16 21:50 - 2015-01-16 21:50 - 00707485 _____ () C:\Users\Pavel\Downloads\714364.zip
2015-01-16 21:48 - 2015-01-16 21:49 - 09229557 _____ () C:\Users\Pavel\Downloads\2147502872.zip
2015-01-16 13:57 - 2015-01-16 13:57 - 04790680 _____ () C:\Users\Pavel\Downloads\2147502874 (1).zip
2015-01-16 13:56 - 2015-01-16 13:56 - 04790680 _____ () C:\Users\Pavel\Downloads\2147502874.zip
2015-01-16 13:08 - 2015-01-16 13:08 - 00018944 _____ () C:\Users\Pavel\Downloads\faktura.xls
2015-01-16 10:54 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 10:54 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 10:54 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 10:54 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 10:54 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 10:54 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 10:54 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 23:03 - 2015-01-15 23:03 - 01616461 _____ () C:\Users\Pavel\Downloads\2147502858.zip
2015-01-15 21:29 - 2015-01-15 21:29 - 02758008 _____ () C:\Users\Pavel\Downloads\2147498125.zip
2015-01-15 21:29 - 2015-01-15 21:29 - 02758008 _____ () C:\Users\Pavel\Downloads\2147498125 (1).zip
2015-01-15 21:26 - 2015-01-15 21:26 - 05887127 _____ () C:\Users\Pavel\Downloads\2147493161.zip
2015-01-15 21:23 - 2015-01-15 21:23 - 00209197 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000011-maroon-copper.zip
2015-01-15 21:21 - 2015-01-15 21:21 - 00123768 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000002-gray-black (1).zip
2015-01-15 21:18 - 2015-01-15 21:18 - 00214778 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000057-sandy-burnt-umber.zip
2015-01-15 21:17 - 2015-01-15 21:17 - 00181022 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000096-golden-yellow.zip
2015-01-15 21:16 - 2015-01-15 21:16 - 00208647 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000108-medium-tea-rose.zip
2015-01-15 21:16 - 2015-01-15 21:16 - 00195635 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000029-orange-red-violet.zip
2015-01-15 21:09 - 2015-01-15 21:09 - 00123768 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000002-gray-black.zip
2015-01-15 21:08 - 2015-01-15 21:08 - 00189056 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000042-gradient-dark-blue.zip
2015-01-15 21:08 - 2015-01-15 21:08 - 00171708 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000055-melted-chocolate.zip
2015-01-15 21:07 - 2015-01-15 21:07 - 00134513 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000040-dark-midnight-blue.zip
2015-01-15 21:07 - 2015-01-15 21:07 - 00081050 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000023-midnight-blue.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00187153 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000054-deep-green.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue (1).zip
2015-01-15 21:01 - 2015-01-15 21:01 - 01098375 _____ () C:\Users\Pavel\Downloads\2147502125.zip
2015-01-15 20:59 - 2015-01-15 20:59 - 01601845 _____ () C:\Users\Pavel\Downloads\2147500767.zip
2015-01-15 15:14 - 2015-01-15 15:14 - 01471273 _____ () C:\Users\Pavel\Downloads\2147494480.zip
2015-01-15 14:36 - 2015-01-15 14:36 - 00452281 _____ () C:\Users\Pavel\Downloads\2147486282.zip
2015-01-15 14:34 - 2015-01-15 14:34 - 01649092 _____ () C:\Users\Pavel\Downloads\2147491234.zip
2015-01-15 12:29 - 2015-01-15 12:31 - 00047104 _____ () C:\Users\Pavel\Desktop\Pinďondírov bonami naskladneni.xls
2015-01-14 17:11 - 2015-01-14 17:11 - 00997050 _____ () C:\Users\Pavel\Downloads\oksf4.zip
2015-01-14 17:05 - 2015-01-14 17:05 - 04233283 _____ () C:\Users\Pavel\Downloads\2147495994.zip
2015-01-14 17:04 - 2015-01-14 17:04 - 01867023 _____ () C:\Users\Pavel\Downloads\2147496853.zip
2015-01-14 17:03 - 2015-01-14 17:03 - 03447521 _____ () C:\Users\Pavel\Downloads\2147495964.zip
2015-01-14 16:20 - 2015-01-14 16:21 - 04055590 _____ () C:\Users\Pavel\Downloads\2147496378.zip
2015-01-14 10:01 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:01 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:01 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 10:01 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 10:01 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 19:14 - 2015-01-13 19:14 - 00038400 _____ () C:\Users\Pavel\Downloads\startovka_2015.xls
2015-01-13 09:31 - 2015-01-13 09:31 - 01059547 _____ () C:\Users\Pavel\Downloads\2147488790.zip
2015-01-12 21:49 - 2015-01-12 21:49 - 00085320 _____ () C:\Users\Pavel\Downloads\character_sketch-logs.zip
2015-01-12 21:47 - 2015-01-12 21:47 - 01382282 _____ () C:\Users\Pavel\Downloads\Wood-Background-vector-EPS (1).zip
2015-01-12 21:46 - 2015-01-12 21:46 - 01382282 _____ () C:\Users\Pavel\Downloads\Wood-Background-vector-EPS.zip
2015-01-12 21:45 - 2015-01-12 21:45 - 01449434 _____ () C:\Users\Pavel\Downloads\Wood-background-Texture.zip
2015-01-12 21:18 - 2015-01-12 21:18 - 05803396 _____ () C:\Users\Pavel\Downloads\2147499402 (1).zip
2015-01-12 21:17 - 2015-01-12 21:17 - 05803396 _____ () C:\Users\Pavel\Downloads\2147499402.zip
2015-01-12 21:13 - 2015-01-12 21:13 - 03477678 _____ () C:\Users\Pavel\Downloads\2147499894.zip
2015-01-12 21:03 - 2015-01-12 21:03 - 05076668 _____ () C:\Users\Pavel\Downloads\2147500177.zip
2015-01-12 11:47 - 2015-01-12 11:47 - 00000000 ____D () C:\Users\Pavel\Desktop\Byt Bohumín
2015-01-12 11:40 - 2015-01-12 11:42 - 00000000 ____D () C:\Users\Pavel\Desktop\Zajímavé
2015-01-12 11:38 - 2015-01-12 11:39 - 00000000 ____D () C:\Users\Pavel\Desktop\Pičus z el. společnosti
2015-01-10 00:05 - 2015-01-10 00:05 - 00011138 _____ () C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka.html
2015-01-10 00:05 - 2015-01-10 00:05 - 00000000 ____D () C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka_files
2015-01-09 22:41 - 2015-01-09 22:41 - 02327218 _____ () C:\Users\Pavel\Downloads\2147502551.zip
2015-01-09 22:39 - 2015-01-09 22:39 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071 (2).zip
2015-01-09 22:23 - 2015-01-09 22:24 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (1).zip
2015-01-09 22:20 - 2015-01-09 22:21 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts.zip
2015-01-09 22:11 - 2015-01-09 22:11 - 02011063 _____ () C:\Users\Pavel\Downloads\2147502045.zip
2015-01-09 21:39 - 2015-01-09 21:39 - 03659560 _____ () C:\Users\Pavel\Downloads\2147492518 (1).zip
2015-01-09 21:38 - 2015-01-09 21:38 - 02008273 _____ () C:\Users\Pavel\Downloads\2147499561.zip
2015-01-09 21:01 - 2015-01-09 21:01 - 01792804 _____ () C:\Users\Pavel\Downloads\2147493784 (2).zip
2015-01-09 20:36 - 2015-01-09 20:36 - 01180747 _____ () C:\Users\Pavel\Downloads\cute-vector-patterns.zip
2015-01-09 20:29 - 2015-01-09 20:29 - 08790885 _____ () C:\Users\Pavel\Downloads\2147502395.zip
2015-01-09 20:27 - 2015-01-09 20:28 - 01520529 _____ () C:\Users\Pavel\Downloads\2147496953 (1).zip
2015-01-09 19:23 - 2015-01-09 19:24 - 13165236 _____ () C:\Users\Pavel\Downloads\DD_Floral_Frames_67675.zip
2015-01-09 19:19 - 2015-01-09 19:20 - 02435535 _____ () C:\Users\Pavel\Downloads\indian_card_05_ai.zip
2015-01-09 17:39 - 2015-01-09 17:39 - 04854320 _____ () C:\Users\Pavel\Downloads\2147492779 (1).zip
2015-01-09 17:36 - 2015-01-09 17:37 - 03306629 _____ () C:\Users\Pavel\Downloads\2147493214.zip
2015-01-09 17:34 - 2015-01-09 17:34 - 06469438 _____ () C:\Users\Pavel\Downloads\2147491777.zip
2015-01-09 16:40 - 2015-01-09 16:40 - 01250513 _____ () C:\Users\Pavel\Downloads\2147497692.zip
2015-01-08 23:31 - 2015-01-08 23:31 - 00003276 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1652633647-405593163-2038319680-1000
2015-01-08 21:11 - 2015-01-08 21:11 - 00025592 _____ () C:\Users\Pavel\Downloads\The.Walking.Dead.S04E02.1080p.WEB-DL.AAC2.0.H.264-Cyphanix.srt
2015-01-07 14:42 - 2015-01-07 14:42 - 00403056 _____ () C:\Users\Pavel\Downloads\tree-silhouette-pack.zip
2015-01-07 14:38 - 2015-01-07 14:38 - 00022256 _____ () C:\Users\Pavel\Downloads\deer5.eps
2015-01-07 14:37 - 2015-01-07 14:37 - 02037575 _____ () C:\Users\Pavel\Downloads\2147501607.zip
2015-01-07 13:45 - 2015-01-07 13:46 - 02560341 _____ () C:\Users\Pavel\Downloads\2147499528.zip
2015-01-07 12:46 - 2015-01-07 12:46 - 01313446 _____ () C:\Users\Pavel\Downloads\2147496662.zip
2015-01-07 10:22 - 2015-01-07 10:22 - 03652619 _____ () C:\Users\Pavel\Downloads\2147499043 (1).zip
2015-01-07 10:09 - 2015-01-07 10:09 - 00976818 _____ () C:\Users\Pavel\Downloads\2147496399.zip
2015-01-07 09:57 - 2015-01-07 09:57 - 00180571 _____ () C:\Users\Pavel\Downloads\father-s-day-riding-bike-with-son.zip
2015-01-07 09:46 - 2015-01-07 09:46 - 00184136 _____ () C:\Users\Pavel\Downloads\delivery-character-set.zip
2015-01-06 23:18 - 2015-01-06 23:19 - 03652619 _____ () C:\Users\Pavel\Downloads\2147499043.zip
2015-01-06 20:04 - 2015-01-06 20:04 - 00052751 _____ () C:\Users\Pavel\Downloads\typesetit_great-vibes.zip
2015-01-06 20:03 - 2015-01-06 20:03 - 00564594 _____ () C:\Users\Pavel\Downloads\måns-grebäck_respective.zip
2015-01-06 19:57 - 2015-01-06 19:57 - 00027602 _____ () C:\Users\Pavel\Downloads\alex-brush.zip
2015-01-06 19:35 - 2015-01-06 19:35 - 02869330 _____ () C:\Users\Pavel\Downloads\2147498302.zip
2015-01-06 19:30 - 2015-01-06 19:30 - 01479398 _____ () C:\Users\Pavel\Downloads\2147493763.zip
2015-01-06 19:18 - 2015-01-06 19:18 - 01509625 _____ () C:\Users\Pavel\Downloads\2147496900 (1).zip
2015-01-06 18:05 - 2015-01-06 18:05 - 04779285 _____ () C:\Users\Pavel\Downloads\pretty-winter-birds-in-tree-background.zip
2015-01-06 18:05 - 2015-01-06 18:05 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373 (2).zip
2015-01-06 18:03 - 2015-01-06 18:03 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373.zip
2015-01-06 18:03 - 2015-01-06 18:03 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373 (1).zip
2015-01-06 18:03 - 2015-01-06 18:03 - 00900318 _____ () C:\Users\Pavel\Downloads\2147496923.zip
2015-01-06 17:48 - 2015-01-06 17:48 - 00895851 _____ () C:\Users\Pavel\Downloads\2147496928.zip
2015-01-05 23:02 - 2015-01-05 23:03 - 02739321 _____ () C:\Users\Pavel\Downloads\2147500187 (1).zip
2015-01-05 23:02 - 2015-01-05 23:02 - 02739321 _____ () C:\Users\Pavel\Downloads\2147500187.zip
2015-01-05 22:55 - 2015-01-05 22:56 - 07977056 _____ () C:\Users\Pavel\Downloads\2147501410.zip
2015-01-05 19:39 - 2015-01-05 19:39 - 00575350 _____ () C:\Users\Pavel\Downloads\painting_birds_vector_293485.zip
2015-01-05 19:37 - 2015-01-05 19:37 - 00578175 _____ () C:\Users\Pavel\Downloads\chinese_painting_bird_vector_293486.zip
2015-01-05 19:35 - 2015-01-05 19:35 - 00178753 _____ () C:\Users\Pavel\Downloads\vector-lovebirds_2012_03_19.zip
2015-01-05 19:34 - 2015-01-05 19:35 - 08416220 _____ () C:\Users\Pavel\Downloads\European-retro-bird-and-flower-painting004.rar
2015-01-05 19:32 - 2015-01-05 19:32 - 04277656 _____ () C:\Users\Pavel\Downloads\127_animals.zip
2015-01-05 19:29 - 2015-01-05 19:29 - 00743614 _____ () C:\Users\Pavel\Downloads\realistic-colorful-bird-pack.zip
2015-01-05 10:05 - 2015-01-05 10:05 - 00038912 _____ () C:\Users\Pavel\Downloads\dodaci-list bonami.xls
2015-01-04 20:50 - 2015-01-04 20:51 - 02954904 _____ () C:\Users\Pavel\Downloads\2147498051.zip
2015-01-04 20:25 - 2015-01-04 20:25 - 01520529 _____ () C:\Users\Pavel\Downloads\2147496953.zip
2015-01-04 20:12 - 2015-01-04 20:12 - 00589532 _____ () C:\Users\Pavel\Downloads\sverige_script.zip
2015-01-04 20:10 - 2015-01-04 20:10 - 01180564 _____ () C:\Users\Pavel\Downloads\florence_regular.zip
2015-01-04 20:07 - 2015-01-04 20:07 - 00021868 _____ () C:\Users\Pavel\Downloads\monty.ttf
2015-01-04 18:14 - 2015-01-04 18:14 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071 (1).zip
2015-01-04 18:13 - 2015-01-04 18:13 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071.zip
2015-01-04 18:06 - 2015-01-04 18:06 - 01599463 _____ () C:\Users\Pavel\Downloads\2147499955.zip
2015-01-04 18:02 - 2015-01-04 18:03 - 22308043 _____ () C:\Users\Pavel\Downloads\2147501868.zip
2015-01-04 17:51 - 2015-01-04 17:52 - 03306629 _____ () C:\Users\Pavel\Downloads\2147493214 (1).zip
2015-01-04 17:49 - 2015-01-04 17:49 - 03217199 _____ () C:\Users\Pavel\Downloads\2147493765.zip
2015-01-04 17:48 - 2015-01-04 17:48 - 06961509 _____ () C:\Users\Pavel\Downloads\2147491449.zip
2015-01-04 17:45 - 2015-01-04 17:45 - 01592798 _____ () C:\Users\Pavel\Downloads\2147491436.zip
2015-01-04 17:39 - 2015-01-04 17:39 - 02796884 _____ () C:\Users\Pavel\Downloads\2147489627.zip
2015-01-03 20:08 - 2015-01-03 20:08 - 01771150 _____ () C:\Users\Pavel\Downloads\2147497436.zip
2015-01-03 19:53 - 2015-01-03 19:53 - 01696626 _____ () C:\Users\Pavel\Downloads\2147492556.zip
2015-01-03 19:51 - 2015-01-03 19:51 - 02996535 _____ () C:\Users\Pavel\Downloads\pixel77-free-vector-watercolor-lips-1008.zip
2015-01-03 19:38 - 2015-01-03 19:38 - 00219165 _____ () C:\Users\Pavel\Downloads\a_woman39s_eyes_color_vector_161767.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 02:45 - 2013-11-08 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2015-01-30 02:36 - 2014-04-16 00:51 - 01914213 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 02:35 - 2013-11-08 20:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 02:05 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 02:05 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 01:51 - 2013-11-08 20:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 01:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 01:49 - 2013-10-21 15:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-30 01:21 - 2013-11-08 20:48 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2015-01-30 01:00 - 2013-11-08 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2015-01-30 01:00 - 2013-11-08 20:47 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-01-30 00:49 - 2013-09-26 15:44 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-29 23:58 - 2012-11-30 18:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-29 23:56 - 2012-11-20 22:31 - 00185016 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-29 23:55 - 2009-07-14 05:45 - 05287208 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-29 21:03 - 2013-09-08 12:26 - 00000000 ____D () C:\Users\Pavel\Desktop\KU
2015-01-29 10:49 - 2011-04-12 09:34 - 00666320 _____ () C:\Windows\system32\perfh005.dat
2015-01-29 10:49 - 2011-04-12 09:34 - 00140016 _____ () C:\Windows\system32\perfc005.dat
2015-01-29 10:49 - 2009-07-14 06:13 - 01577062 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 16:02 - 2014-10-24 18:13 - 00000099 _____ () C:\Users\Public\LMDebug.log
2015-01-26 17:29 - 2013-09-19 08:58 - 00000000 ____D () C:\Users\Pavel\Desktop\práce
2015-01-24 15:41 - 2013-12-19 22:10 - 00000000 ____D () C:\Users\Pavel\Desktop\byt
2015-01-20 21:28 - 2014-11-22 10:59 - 00000000 ____D () C:\Users\Pavel\Desktop\zivotopis
2015-01-19 13:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-18 18:46 - 2014-06-19 12:12 - 00000000 ____D () C:\Users\Pavel\Desktop\osu, prodekanka, vedouci katedry
2015-01-14 14:33 - 2013-08-14 22:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 14:30 - 2012-11-20 22:45 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 11:45 - 2013-10-22 07:54 - 00000000 ____D () C:\Users\Pavel\Desktop\Pozemky
2015-01-12 11:44 - 2014-12-13 11:03 - 00000000 ____D () C:\Users\Pavel\Desktop\Passat
2015-01-12 11:41 - 2013-09-09 21:06 - 00000000 ____D () C:\Users\Pavel\Desktop\likvidace
2015-01-08 23:31 - 2014-12-23 14:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-12-19 08:12 - 2014-12-19 08:12 - 0000132 _____ () C:\Users\Pavel\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-06-21 11:58 - 2014-06-21 13:52 - 0000132 _____ () C:\Users\Pavel\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-11-15 19:44 - 2014-11-15 19:44 - 181974983 _____ () C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload
2014-11-15 19:44 - 2014-11-15 19:44 - 0002174 _____ () C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload.aamd
2012-12-21 23:09 - 2014-11-15 22:15 - 0001480 _____ () C:\Users\Pavel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2013-02-04 10:51 - 2013-11-08 18:36 - 0003249 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\e5b08f4a-2ddc-453e-b231-12b1d61fcf21.exe
C:\Users\Pavel\AppData\Local\Temp\InstHelper.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-24 00:53

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:108.3 GB) (Free:24.78 GB) NTFS
Drive d: () (Fixed) (Total:823.11 GB) (Free:231.47 GB) NTFS

Available physical RAM: 5132.04 MB
Total physical RAM: 8067.64 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D10729AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=108.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=823.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Pavel\Downloads\fwd-_preklad_a_korektura.eml:OECustomProperty

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 7244 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121
C:\Program Files\AVAST Software\Avast\setup\emupdate\7fb2eaf7-f5be-4ce4-a98f-1feaac3774c8.exe /check [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat
C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Pavel\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro
C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP
C:\Users\Pavel\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner
C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#3 Příspěvek od **altrok** » 30 led 2015 02:56

Dobry vecer

dejte log z rkillu - C:\Users\Pavel\Desktop\Rkill.txt

Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe

kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
zbytek ponechte, jak je a kliknete na Prohledat
vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

kokopraise · #4 Příspěvek od **kokopraise** » 30 led 2015 03:01

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/30/2015 02:27:25 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Pavel\Downloads\HijackThis.exe (PID: 5272) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!

Performing miscellaneous checks:

kokopraise · #5 Příspěvek od **kokopraise** » 30 led 2015 11:09

a OTL se mi nedaří provést, sekne se to a přestane scanovat po asi hodince

#6 Příspěvek od **altrok** » 30 led 2015 12:49

OK, upravime skript. Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe

kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
zbytek ponechte, jak je a kliknete na Prohledat
vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

kokopraise · #7 Příspěvek od **kokopraise** » 30 led 2015 13:00

můžu na pc během toho co běží OTL pracovat? Ráno to běželo minimálně hodinku než se to seklo

#8 Příspěvek od **altrok** » 30 led 2015 13:03

Jedna se o skenovaci utilitu a ja pri jeji cinnosti nechavam PC radeji v klidu, ale myslim, ze na PC po cas skenu muzete pracovat... sken trva cca 15 min.

kokopraise · #9 Příspěvek od **kokopraise** » 30 led 2015 13:10

když jsem to nechal běžet prvně , kolem té 3tí ráno, tak to běželo dobré 2 hodinky do záseku

v 8 ráno jsem to zapl znova, ale na rychlé vyhledávání a seklo se to zhruba za hodinu

#10 Příspěvek od **altrok** » 30 led 2015 13:12

Ve skriptu byla chyba, kterou obcas PC neprekousne... proto jsme skript upravili. Ted by mel projit bez problemu.

kokopraise · #11 Příspěvek od **kokopraise** » 30 led 2015 13:43

OTL logfile created on: 30.1.2015 12:57:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,88 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 75,77% Memory free
15,76 Gb Paging File | 13,81 Gb Available in Paging File | 87,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108,30 Gb Total Space | 30,96 Gb Free Space | 28,59% Space Free | Partition Type: NTFS
Drive D: | 823,11 Gb Total Space | 224,68 Gb Free Space | 27,30% Space Free | Partition Type: NTFS

Computer Name: PAVEL-PC | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.01.30 03:02:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
PRC - [2015.01.25 22:08:43 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.01.23 06:39:54 | 001,364,392 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
PRC - [2015.01.21 09:46:39 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014.10.01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2014.07.31 19:34:37 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.20 15:34:31 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.19 09:53:10 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.05 13:23:34 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.07.05 13:23:18 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011.11.18 17:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

========== Modules (No Company Name) ==========

MOD - [2015.01.25 22:08:40 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
MOD - [2015.01.25 22:08:35 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
MOD - [2015.01.25 22:08:34 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
MOD - [2014.07.20 15:34:32 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.20 15:34:32 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2011.11.18 17:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2011.08.25 14:02:18 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011.03.31 15:36:56 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2011.03.31 15:36:56 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll
MOD - [2011.03.31 15:36:46 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.11.22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.10.01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2014.07.20 15:34:31 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.06.19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.11.30 13:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.01.23 06:39:54 | 001,364,392 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe -- (LavasoftTcpService)
SRV - [2015.01.23 06:38:32 | 000,015,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe -- (SearchProtectionService)
SRV - [2014.11.26 17:40:36 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.11.04 23:48:46 | 001,146,272 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2014.10.01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.10.01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.07.23 07:44:16 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Stopped] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014.02.28 10:32:36 | 000,174,368 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe -- (iumsvc)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.08.25 03:54:25 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.07.19 09:53:16 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.19 09:53:10 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.05 13:23:34 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.05 13:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.12.11 20:59:13 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014.11.22 08:54:41 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.10.10 08:59:12 | 000,243,440 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2014.10.10 08:59:12 | 000,169,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2014.10.10 08:59:12 | 000,158,968 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2014.10.01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014.10.01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014.07.21 07:45:24 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.20 15:34:32 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.20 15:34:32 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.07.20 15:34:32 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.07.20 15:34:32 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.20 15:34:32 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.20 15:34:32 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2013.11.08 20:48:06 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2013.04.10 10:38:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.08.24 00:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.07.02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.19 15:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.04.18 09:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.27 01:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.27 01:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.27 01:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.12.30 09:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch.lavasoft.com/?pr=v ... net_150130
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\SearchScopes,DefaultScope = {BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5205
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Ad-Aware SecureSearch"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Ad-Aware SecureSearch"
FF - prefs.js..browser.startup.homepage: "http://securedsearch.lavasoft.com/?pr=v ... net_150130"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..keyword.URL: "https://www.google.com/search"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.20 15:34:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.04 10:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.04 10:56:31 | 000,000,000 | ---D | M]

[2014.12.23 14:07:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
[2015.01.30 01:07:31 | 000,001,644 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\tije5ak8.default\searchplugins\securesearch.xml
[2014.04.02 19:59:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014.12.23 14:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.12.23 14:00:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

kokopraise · #12 Příspěvek od **kokopraise** » 30 led 2015 13:44

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2012.11.22 17:44:21 | 000,002,617 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 33 more lines...
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1652633647-405593163-2038319680-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1652633647-405593163-2038319680-1000..\Run: [uTorrent] C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\LavasoftTcpService64.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\LavasoftTcpService.dll (Lavasoft Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1652633647-405593163-2038319680-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56506EA1-D205-421B-87DC-785E6365A5E0}: DhcpNameServer = 192.168.15.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE9DDF3F-111E-4ACA-96E8-3008D95C9375}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{737d350d-26cc-11e3-9141-902b34957c42}\Shell - "" = AutoRun
O33 - MountPoints2\{737d350d-26cc-11e3-9141-902b34957c42}\Shell\AutoRun\command - "" = J:\autorun\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.01.30 03:01:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2015.01.30 02:53:22 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\ESET
[2015.01.30 02:45:26 | 000,000,000 | ---D | C] -- C:\FRST
[2015.01.30 02:44:42 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Pavel\Desktop\FRSTLauncher(1).exe
[2015.01.30 02:41:14 | 002,130,432 | ---- | C] (Farbar) -- C:\Users\Pavel\Desktop\FRST64.exe
[2015.01.30 02:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2015.01.30 02:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2015.01.30 02:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2015.01.30 01:07:22 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Lavasoft
[2015.01.30 01:07:14 | 000,378,832 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftTcpService64.dll
[2015.01.30 01:07:10 | 000,332,216 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftTcpService.dll
[2015.01.30 01:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2015.01.30 01:06:12 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\Lavasoft
[2015.01.30 01:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2015.01.30 01:00:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\LavasoftStatistics
[2015.01.30 00:42:38 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\Simply Super Software
[2015.01.30 00:38:13 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Documents\Simply Super Software
[2015.01.30 00:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2015.01.30 00:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2015.01.30 00:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2015.01.30 00:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2015.01.17 23:13:24 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Splň si sny v SABANERO_files
[2015.01.17 22:54:30 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com_files
[2015.01.17 22:20:31 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK_files
[2015.01.17 22:15:40 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA_files
[2015.01.16 10:54:30 | 005,553,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.01.16 10:54:30 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.01.16 10:54:29 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.01.16 10:54:29 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.01.16 10:54:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.01.16 10:54:29 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.01.14 10:01:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2015.01.14 10:01:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2015.01.14 10:01:01 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2015.01.12 11:47:24 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Byt Bohumín
[2015.01.12 11:40:46 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Zajímavé
[2015.01.12 11:38:55 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Pičus z el. společnosti
[2015.01.10 00:05:19 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka_files
[1 C:\Users\Pavel\Desktop\*.tmp files -> C:\Users\Pavel\Desktop\*.tmp -> ]
[1 C:\Users\Pavel\AppData\Local\*.tmp files -> C:\Users\Pavel\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.01.30 13:00:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.01.30 12:53:26 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.01.30 12:52:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.01.30 12:52:45 | 2049,683,455 | -HS- | M] () -- C:\hiberfil.sys
[2015.01.30 12:48:23 | 000,000,000 | ---- | M] () -- C:\Users\Pavel\AppData\Local\{D00617FA-3E29-4D22-A084-EDC5C21D78A1}
[2015.01.30 12:35:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.01.30 03:16:10 | 000,000,681 | ---- | M] () -- C:\Users\Pavel\Desktop\trutriko – zástupce.lnk
[2015.01.30 03:02:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2015.01.30 02:44:45 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Pavel\Desktop\FRSTLauncher(1).exe
[2015.01.30 02:41:32 | 002,130,432 | ---- | M] (Farbar) -- C:\Users\Pavel\Desktop\FRST64.exe
[2015.01.30 02:05:04 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.01.30 02:05:03 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.01.30 02:01:03 | 000,000,708 | ---- | M] () -- C:\Users\Pavel\Desktop\focení vlak – zástupce.lnk
[2015.01.30 01:07:18 | 000,005,096 | ---- | M] () -- C:\Windows\SysWow64\LavasoftTcpService.ini
[2015.01.30 01:07:18 | 000,002,792 | ---- | M] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015.01.30 01:07:18 | 000,002,792 | ---- | M] () -- C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[2015.01.30 01:00:11 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2015.01.30 00:38:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2015.01.29 23:55:58 | 005,287,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.01.29 10:49:43 | 001,577,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.01.29 10:49:43 | 000,666,320 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.01.29 10:49:43 | 000,652,064 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.01.29 10:49:43 | 000,140,016 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.01.29 10:49:43 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.01.28 15:21:24 | 000,024,417 | ---- | M] () -- C:\Users\Pavel\Desktop\43119748.jpg
[2015.01.27 14:01:17 | 000,069,645 | ---- | M] () -- C:\Users\Pavel\Desktop\10929545_862991227075361_7024254972959069837_n.jpg
[2015.01.27 13:56:21 | 000,043,945 | ---- | M] () -- C:\Users\Pavel\Desktop\10940406_1523609031254194_3522214267458710924_n.jpg
[2015.01.27 13:56:03 | 000,101,164 | ---- | M] () -- C:\Users\Pavel\Desktop\19295_928755240468860_5431682751960507622_n.jpg
[2015.01.26 23:37:51 | 000,008,283 | ---- | M] () -- C:\Users\Pavel\Desktop\10689829_855346311178079_6100436613737316383_n.jpg
[2015.01.26 23:37:35 | 000,023,341 | ---- | M] () -- C:\Users\Pavel\Desktop\10922807_777870252304464_562394177313138864_n.jpg
[2015.01.23 06:39:54 | 000,378,832 | ---- | M] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftTcpService64.dll
[2015.01.23 06:39:52 | 000,332,216 | ---- | M] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftTcpService.dll
[2015.01.21 01:56:52 | 000,039,854 | ---- | M] () -- C:\Users\Pavel\Desktop\7_545_129210__2014-12-29_12-16-09_6.jpg
[2015.01.19 20:32:57 | 000,180,433 | ---- | M] () -- C:\Users\Pavel\Desktop\1395591278img_9785-.jpg
[2015.01.17 23:13:24 | 000,045,832 | ---- | M] () -- C:\Users\Pavel\Desktop\Splň si sny v SABANERO.html
[2015.01.17 22:54:30 | 000,037,985 | ---- | M] () -- C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com.html
[2015.01.17 22:20:31 | 000,019,966 | ---- | M] () -- C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK.html
[2015.01.17 22:15:40 | 000,019,530 | ---- | M] () -- C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA.html
[2015.01.16 13:40:29 | 000,121,353 | ---- | M] () -- C:\Users\Pavel\Desktop\faktura.pdf
[2015.01.16 13:36:26 | 000,122,460 | ---- | M] () -- C:\Users\Pavel\Desktop\faktura bonami,machotova.pdf
[2015.01.14 11:48:14 | 000,281,028 | ---- | M] () -- C:\Users\Pavel\Desktop\kolo guma.jpg
[2015.01.12 22:41:36 | 000,240,184 | ---- | M] () -- C:\Users\Pavel\Desktop\gigi limbac.jpg
[2015.01.10 00:05:19 | 000,011,138 | ---- | M] () -- C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka.html
[1 C:\Users\Pavel\Desktop\*.tmp files -> C:\Users\Pavel\Desktop\*.tmp -> ]
[1 C:\Users\Pavel\AppData\Local\*.tmp files -> C:\Users\Pavel\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.01.30 12:48:23 | 000,000,000 | ---- | C] () -- C:\Users\Pavel\AppData\Local\{D00617FA-3E29-4D22-A084-EDC5C21D78A1}
[2015.01.30 03:16:10 | 000,000,681 | ---- | C] () -- C:\Users\Pavel\Desktop\trutriko – zástupce.lnk
[2015.01.30 03:06:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.01.30 02:01:04 | 000,000,708 | ---- | C] () -- C:\Users\Pavel\Desktop\focení vlak – zástupce.lnk
[2015.01.30 01:07:18 | 000,005,096 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpService.ini
[2015.01.30 01:07:18 | 000,002,792 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015.01.30 01:07:18 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[2015.01.30 01:00:11 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2015.01.30 00:38:03 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2015.01.28 15:21:24 | 000,024,417 | ---- | C] () -- C:\Users\Pavel\Desktop\43119748.jpg
[2015.01.27 14:01:16 | 000,069,645 | ---- | C] () -- C:\Users\Pavel\Desktop\10929545_862991227075361_7024254972959069837_n.jpg
[2015.01.27 13:56:20 | 000,043,945 | ---- | C] () -- C:\Users\Pavel\Desktop\10940406_1523609031254194_3522214267458710924_n.jpg
[2015.01.27 13:56:03 | 000,101,164 | ---- | C] () -- C:\Users\Pavel\Desktop\19295_928755240468860_5431682751960507622_n.jpg
[2015.01.26 23:37:49 | 000,008,283 | ---- | C] () -- C:\Users\Pavel\Desktop\10689829_855346311178079_6100436613737316383_n.jpg
[2015.01.26 23:37:33 | 000,023,341 | ---- | C] () -- C:\Users\Pavel\Desktop\10922807_777870252304464_562394177313138864_n.jpg
[2015.01.21 01:56:51 | 000,039,854 | ---- | C] () -- C:\Users\Pavel\Desktop\7_545_129210__2014-12-29_12-16-09_6.jpg
[2015.01.19 20:32:57 | 000,180,433 | ---- | C] () -- C:\Users\Pavel\Desktop\1395591278img_9785-.jpg
[2015.01.17 23:13:23 | 000,045,832 | ---- | C] () -- C:\Users\Pavel\Desktop\Splň si sny v SABANERO.html
[2015.01.17 22:54:30 | 000,037,985 | ---- | C] () -- C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com.html
[2015.01.17 22:20:30 | 000,019,966 | ---- | C] () -- C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK.html
[2015.01.17 22:15:39 | 000,019,530 | ---- | C] () -- C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA.html
[2015.01.16 13:37:40 | 000,121,353 | ---- | C] () -- C:\Users\Pavel\Desktop\faktura.pdf
[2015.01.16 13:36:26 | 000,122,460 | ---- | C] () -- C:\Users\Pavel\Desktop\faktura bonami,machotova.pdf
[2015.01.14 11:48:13 | 000,281,028 | ---- | C] () -- C:\Users\Pavel\Desktop\kolo guma.jpg
[2015.01.12 22:35:25 | 000,240,184 | ---- | C] () -- C:\Users\Pavel\Desktop\gigi limbac.jpg
[2015.01.10 00:05:18 | 000,011,138 | ---- | C] () -- C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka.html
[2014.12.19 08:12:16 | 000,000,132 | ---- | C] () -- C:\Users\Pavel\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
[2014.11.15 19:44:48 | 181,974,983 | ---- | C] () -- C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload
[2014.11.15 19:44:48 | 000,002,174 | ---- | C] () -- C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload.aamd
[2014.10.24 18:06:31 | 001,571,160 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2014.06.21 11:58:11 | 000,000,132 | ---- | C] () -- C:\Users\Pavel\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.09.28 22:48:38 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.04.10 10:37:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\ssdevm.dll
[2013.02.04 10:51:37 | 000,242,551 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013.02.04 10:51:37 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.12.21 23:09:14 | 000,001,480 | ---- | C] () -- C:\Users\Pavel\AppData\Local\Adobe Uložit pro web 13.0 Prefs

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.11.15 22:53:51 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\abgx360
[2013.09.29 22:49:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Anthropics
[2012.11.20 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Ashampoo
[2014.07.20 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVAST Software
[2013.05.15 23:02:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.09.28 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Garmin
[2013.11.08 22:09:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GoforFiles
[2013.09.26 15:44:09 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Optimizer Pro
[2013.12.18 01:08:45 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\PDAppFlex
[2014.10.24 18:07:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Samsung
[2013.10.01 10:09:21 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2015.01.30 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Simply Super Software
[2013.11.08 20:48:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Spyware Terminator
[2013.03.11 13:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.22 08:16:35 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\systweak
[2012.12.10 12:57:20 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TP-LINK
[2015.01.30 13:19:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\uTorrent
[2012.12.11 00:24:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\VitySoft
[2013.04.10 14:04:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,666 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.11.08 20:33:10 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.08 20:33:12 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.10.01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.11.12 14:08:34 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.11.12 14:08:34 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2014.10.01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[17 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2005.10.24 16:10:32 | 000,097,792 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\RootkitRevealer.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.11.15 22:53:51 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\abgx360
[2014.07.20 21:00:56 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Adobe
[2013.09.29 22:49:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Anthropics
[2012.11.20 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Ashampoo
[2014.07.20 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVAST Software
[2013.05.15 23:02:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.11.22 18:11:51 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Corel
[2013.09.28 23:50:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Garmin
[2013.11.08 22:09:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GoforFiles
[2013.02.04 11:28:01 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\HP
[2012.11.20 22:11:09 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Identities
[2012.11.20 22:30:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\InstallShield
[2015.01.30 01:49:26 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Lavasoft
[2015.01.30 01:07:35 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\LavasoftStatistics
[2012.11.20 23:01:22 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Macromedia
[2014.04.22 15:26:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Malwarebytes
[2011.04.12 09:45:27 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Media Center Programs
[2015.01.30 01:07:33 | 000,000,000 | --SD | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft
[2014.12.23 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2013.04.04 22:20:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Nero
[2013.09.26 15:44:09 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Optimizer Pro
[2013.12.18 01:08:45 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\PDAppFlex
[2014.10.24 18:07:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Samsung
[2013.10.01 10:09:21 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Seznam.cz
[2015.01.30 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Simply Super Software
[2013.11.08 20:48:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Spyware Terminator
[2013.03.11 13:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.22 08:16:35 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\systweak
[2012.12.10 12:57:20 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TP-LINK
[2015.01.30 13:33:09 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\uTorrent
[2012.12.11 00:24:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\VitySoft
[2012.11.20 23:11:19 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\WinRAR
[2013.04.10 14:04:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013.01.13 12:22:37 | 000,038,784 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2015.01.21 09:46:39 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe
[2013.11.08 19:05:33 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.3.2_30180.exe
[2013.11.15 19:07:42 | 000,900,440 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe
[2014.02.06 10:22:04 | 000,905,296 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe
[2014.04.28 22:41:00 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.10.19 08:05:25 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
[2014.10.28 07:50:32 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.4.2_34944.exe
[2014.11.25 20:52:17 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
[2015.01.21 09:46:39 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pavel\AppData\Roaming\uTorrent\updates\3

kokopraise · #13 Příspěvek od **kokopraise** » 30 led 2015 13:45

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.01.30 12:53:26 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.01.30 13:35:09 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.01.30 01:07:18 | 000,005,096 | ---- | M] () -- C:\Windows\system32\LavasoftTcpService.ini
[2015.01.30 01:07:18 | 000,002,792 | ---- | M] () -- C:\Windows\system32\LavasoftTcpServiceOff.ini
[2015.01.30 12:56:23 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >
[2005.10.24 16:10:32 | 000,097,792 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\RootkitRevealer.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AdobeBridge" =
"uTorrent" = "C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED -- [2015.01.21 09:46:39 | 001,374,032 | ---- | M] (BitTorrent Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.11.26 17:40:18 | 000,337,520 | ---- | M] (Mozilla Corporation) MD5=DADDD62BEDC91BC96CFC794A2CA0D94A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.11.27 02:10:46 | 000,815,280 | ---- | M] (Microsoft Corporation) MD5=A24BFBAE8B50A6780B68FF3673FAB52F -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.01.25 22:08:43 | 000,843,592 | ---- | M] (Google Inc.) MD5=41F0E411F79B90CD3D500E44BABC854D -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.01.30 13:00:45 | 000,000,512 | ---- | M] () MD5=33B6CC506380941A537144F896CD1667 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.02.27 21:36:42 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Custom Data\Bumpmap\Cracks.cpt
[2012.02.27 21:36:42 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Custom Data\Canvas\cracks2c.bmp
[2014.07.20 14:45:19 | 000,137,709 | ---- | M] () -- \Users\Pavel\AppData\Roaming\uTorrent\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu].torrent
[2014.04.17 18:58:49 | 000,118,769 | ---- | M] () -- \Users\Pavel\AppData\Roaming\uTorrent\Adobe Premiere Pro CS6 v6.0.0.LS7 Multilanguage + Crack (32 bit and 64 bit)---PMS.torrent
[2013.12.16 20:01:52 | 000,005,592 | ---- | M] () -- \Users\Pavel\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2014.04.17 18:58:49 | 000,118,769 | ---- | M] () -- \Users\Pavel\Downloads\Adobe.Premiere.Pro.CS6.v6.0.0.LS7.Multilanguage.+.Crack.(32.bit.and.64.bit)---PMS.torrent
[2013.09.18 09:41:55 | 019,652,737 | ---- | M] () -- \Users\Pavel\Downloads\123\Photoshop CS6 Crack-Serial Number-Keygen 2013\Photoshop CS6 Crack-Serial Number-Keygen 2013.rar

< *keygen* /s >
[2014.06.03 19:00:39 | 000,237,219 | ---- | M] () -- \Users\Pavel\Downloads\Universal-Keygen-Generator.rar
[2013.09.18 09:41:55 | 019,652,737 | ---- | M] () -- \Users\Pavel\Downloads\123\Photoshop CS6 Crack-Serial Number-Keygen 2013\Photoshop CS6 Crack-Serial Number-Keygen 2013.rar
[2013.02.22 21:59:59 | 001,530,368 | ---- | M] () -- \Users\Pavel\Downloads\Universal-Keygen-Generator\Universal_KeyGen_Generator.exe

< *AntiWPA* /s >

< *loader* /s >
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2008.07.30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008.07.29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.07.23 07:43:16 | 000,042,496 | ---- | M] () -- \Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MyDownloader.Core.dll
[2009.05.21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.09.20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.09.20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2014.02.28 10:33:32 | 000,015,136 | ---- | M] () -- \Program Files (x86)\Intel\Intel(R) Update Manager\bin\_win32sysloader.pyd
[2012.01.16 20:13:36 | 000,917,736 | ---- | M] () -- \Program Files (x86)\Portrait Professional Studio 10\ZRawLoader.exe
[2011.12.06 12:06:24 | 000,429,568 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 12:06:24 | 000,319,488 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2011.12.06 12:06:40 | 000,444,416 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 13:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 12:06:40 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011.03.08 16:09:04 | 000,194,048 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 13:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010.11.11 11:07:12 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2011.12.21 17:07:52 | 000,102,792 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.21 17:08:06 | 000,016,776 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2012.03.13 11:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 09:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 09:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 09:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 09:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 09:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2014.07.20 15:34:31 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.20 15:34:31 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.02.28 05:00:12 | 000,012,704 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Programs64\Reflectionloader.dll
[2011.05.28 22:04:04 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2009.07.20 10:52:26 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2009.07.20 10:52:26 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014.09.17 11:13:34 | 000,002,435 | ---- | M] () -- \Users\Pavel\Desktop\boty soshi\DC Serial Černá od 1 337 Kč - Heureka.cz_files\19-1-deferred-loader.js
[2014.09.17 11:13:34 | 000,226,793 | ---- | M] () -- \Users\Pavel\Desktop\boty soshi\DC Serial Černá od 1 337 Kč - Heureka.cz_files\19-1-loader.js,prototype.js,scriptaculous.js,builder.js,effects.js,controls.js,basic.js,functions.js,fashion.js,product.js
[2014.10.31 22:37:25 | 000,000,723 | ---- | M] () -- \Users\Pavel\Desktop\Gray Chevron Original - rock the drops_files\ajax-loader.gif
[2014.02.09 23:30:56 | 000,002,435 | ---- | M] () -- \Users\Pavel\Desktop\Hama Traveller Compact Pro od 1 084 Kč - Heureka.cz_files\77-1-deferred-loader.js
[2014.02.09 23:30:56 | 000,000,940 | ---- | M] () -- \Users\Pavel\Desktop\Hama Traveller Compact Pro od 1 084 Kč - Heureka.cz_files\77-1-loader.js
[2013.10.02 10:57:47 | 000,008,481 | ---- | M] () -- \Users\Pavel\Desktop\Pozemky\bohumín,rolnícká 20 - Mapy.cz_files\loader.js
[2013.11.03 18:19:29 | 000,008,599 | ---- | M] () -- \Users\Pavel\Desktop\Pozemky\Prodej, kancelář, 408 m² Sreality.cz_files\loader.js
[2013.09.18 20:20:20 | 000,008,441 | ---- | M] () -- \Users\Pavel\Desktop\práce\Prace.cz - Manažer kvality_files\loader.js
[2014.01.14 17:54:11 | 000,007,253 | ---- | M] () -- \Users\Pavel\Desktop\práce\Prace.cz - Technik kvality (zástupce vedoucího kvality)_files\loader.js
[2013.12.16 19:56:36 | 000,061,619 | ---- | M] () -- \Users\Pavel\Desktop\speciální efekty v ADOBE PREMIERE PRO 2.0_files\yuiloader-dom-event.js
[2014.04.16 00:03:51 | 000,001,109 | ---- | M] () -- \Users\Pavel\Desktop\videostřih\Zásady střihu Stříháme v Adobe Premiere Pro_files\loader.js
[2014.11.20 23:39:05 | 000,005,757 | ---- | M] () -- \Users\Pavel\Desktop\zivotopis\Prace.cz - Visual Merchandiser Mohito Frýdek-Místek_files\loader.js
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.12 14:08:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.15 10:59:45 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.15 10:59:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.15 10:59:45 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.15 10:59:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.15 10:59:45 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.15 10:59:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.15 10:59:45 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.15 10:59:45 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.15 10:59:45 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.15 10:59:45 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 22:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 22:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2014.12.13 02:57:48 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 04:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 04:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2014.12.12 07:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.12 14:08:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2012.12.11 13:38:35 | 000,000,749 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2013.10.09 14:57:37 | 000,264,869 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log

< *activator* /s >
[2013.06.23 22:10:12 | 000,000,302 | ---- | M] () -- \Users\Pavel\Desktop\Pc\ASRock MB Sc AM2, N68C-GS FX, GeForce 7025, 2xDDR2+2xDDR3, VGA, GBLAN, mATX ASRock N68C-GS FX Základní desky_files\activator.js

< *serial* /s >
[2013.04.19 04:17:00 | 000,828,816 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CC\Support Files\Contents\Windows\boost_serialization.dll
[2006.01.27 00:44:04 | 000,000,612 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\EnumerateSerialPorts.snippet
[2006.01.27 00:44:04 | 000,001,198 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\ReadDatafromaSerialPort.snippet
[2006.01.27 00:44:04 | 000,001,512 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.06.14 01:32:10 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2013.04.10 10:37:28 | 000,236,032 | ---- | M] () -- \Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\W2PSerializer.dll
[2013.04.19 03:58:14 | 000,813,456 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\boost_serialization.dll
[2012.02.28 06:13:52 | 000,045,488 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Connect64\Connect.XmlSerializers.dll
[2012.02.28 06:13:50 | 000,017,840 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Connect64\CrlUtlWPF.XmlSerializers.dll
[2012.02.28 05:01:02 | 000,017,840 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Programs64\CrlUtlWPF.XmlSerializers.dll
[2012.02.28 07:10:34 | 000,017,840 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\VideoBrowser64\CrlUtlWPF.XmlSerializers.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.09.20 10:42:24 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.09.20 10:42:24 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2014.09.17 11:13:36 | 000,098,246 | ---- | M] () -- \Users\Pavel\Desktop\boty soshi\DC Serial Černá od 1 337 Kč - Heureka.cz.htm
[2014.09.10 11:25:24 | 000,109,950 | ---- | M] () -- \Users\Pavel\Desktop\boty soshi\DC Shoes Serial Graf pánské Skate Shoes – Black Soft Lime - BezvaSport.htm
[2014.09.17 10:54:40 | 000,112,259 | ---- | M] () -- \Users\Pavel\Desktop\boty soshi\DC Shoes Serial Graf pánské Skate Shoes – Blk Fluo Orange - BezvaSport.htm
[2013.09.18 09:41:55 | 019,652,737 | ---- | M] () -- \Users\Pavel\Downloads\123\Photoshop CS6 Crack-Serial Number-Keygen 2013\Photoshop CS6 Crack-Serial Number-Keygen 2013.rar
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.15 15:19:45 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.15 16:40:50 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.15 15:17:49 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.15 16:33:05 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.10.15 16:42:39 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8c4fe3e44341707d99100b07b6a259ef\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.15 16:42:46 | 002,656,768 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9614599d9cc883cb6d8682a901c6a01\System.Runtime.Serialization.ni.dll
[2014.09.11 08:40:03 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\1fcf609cac2b1ce3b6efaf0c822cee24\System.Xml.Serialization.ni.dll
[2014.10.15 16:38:08 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\1f06ca2b506418656888651575666d67\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.15 16:37:21 | 003,423,232 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c753056daf1120cd582ce50faa73e5b8\System.Runtime.Serialization.ni.dll
[2014.09.11 15:45:12 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\879bcaaf5fa7addd208633119194532d\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.09.28 23:43:56 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.11.13 00:53:09 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.28 23:43:56 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.11.13 00:53:09 | 001,038,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.11.13 00:53:13 | 000,012,080 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.06.02 08:01:28 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.03 06:17:44 | 001,038,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.21 16:40:04 | 000,012,080 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.03 06:17:44 | 001,038,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.21 16:40:04 | 000,012,080 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 09:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014.03.09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012.11.20 22:45:03 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.11.20 22:45:03 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 09:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 09:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2011.04.12 09:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 08:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 09:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 09:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2011.04.12 09:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

kokopraise · #14 Příspěvek od **kokopraise** » 30 led 2015 13:47

OTL Extras logfile created on: 30.1.2015 12:57:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,88 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 75,77% Memory free
15,76 Gb Paging File | 13,81 Gb Available in Paging File | 87,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108,30 Gb Total Space | 30,96 Gb Free Space | 28,59% Space Free | Partition Type: NTFS
Drive D: | 823,11 Gb Total Space | 224,68 Gb Free Space | 27,30% Space Free | Partition Type: NTFS

Computer Name: PAVEL-PC | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{133493DF-8698-4BAC-A67D-523EF74EC0F9}" = rport=138 | protocol=17 | dir=out | app=system |
"{199C068E-0A1D-4EB1-A697-75E0F17F6B5B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22CD6F37-79C9-437C-A622-43BE4A467BFD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24ECC13B-32DD-4F60-885F-3463184D044D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2FB360EC-B908-43EB-B609-105A9986C595}" = lport=2869 | protocol=6 | dir=in | app=system |
"{334D0930-BAA4-42DB-8D60-5BAFB08CF57C}" = rport=137 | protocol=17 | dir=out | app=system |
"{3C33442C-ED48-4323-943E-5C9302779D83}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{56875251-FD06-4744-B2C0-230B793656C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{5FDC1B14-A7FE-40A4-8563-8496F8EF4BB8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{60182991-5C61-4326-9084-3784702DCC03}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61B077DC-DDEB-4F09-802C-B46BE2D8D9B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6A4AFF16-18F4-4661-8C83-E9E5D2A8EA0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D605F7F-7B31-4F58-8645-B7E5DC7E6042}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{74251CDC-27F9-4E52-B2FD-B4F1A953658F}" = rport=445 | protocol=6 | dir=out | app=system |
"{74F9EEF4-5AFF-403A-BDD0-22DE61B11581}" = lport=139 | protocol=6 | dir=in | app=system |
"{81705627-5179-4BCB-90A5-33F23E041094}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{89AE256B-7DC0-4E04-9A74-7AC4848B4C4D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F2DF5FA-4EB6-43F7-972E-E9844A09DCF3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A4D58480-A1AF-4A6E-A836-C026A04789C1}" = lport=137 | protocol=17 | dir=in | app=system |
"{A623D31E-8206-4F87-BD4E-DB6808068112}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D1993309-8E82-4802-851B-4E6FD46E7F16}" = rport=139 | protocol=6 | dir=out | app=system |
"{D9663B3A-E834-4288-AAD7-39DC962BC695}" = lport=445 | protocol=6 | dir=in | app=system |
"{F2C82662-0839-4453-A17E-908076A9ADBB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E90E3BD-A2CA-428D-A8DD-F7889F6B8874}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{15094A7A-6375-45F6-8982-3FBEB7872DB6}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{1F3E0A00-8079-4543-A05D-A80487237C74}" = protocol=6 | dir=out | app=system |
"{21469760-8E1A-4674-A27B-6EB5BD3A84F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2E66ACC0-25AE-479A-A833-7676913348B8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{30A72E6D-81C9-47C2-B06B-8143E2FC3106}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{3226E94A-1F91-4F5A-BFA3-647D3A402B09}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{38E98C83-5C16-4344-9500-E27B0ED3187B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3B7D584E-D936-42B0-978A-1CFAB458EE24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{3C8DDE2D-6181-4C08-AC6E-A6A80B4AB238}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{41CD25EC-DB66-4007-AEE9-645AA108C1B8}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{42252F1E-A8F6-4008-B506-22457C803588}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{44DF9573-42FB-4BE2-9C36-D44AACB8747D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4F21B873-E9DB-44A9-A0D1-705EDA9EF065}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{52E3AF66-3062-4DB1-ACC5-F95E48171814}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{54738B6D-1C10-4896-8CA7-2908733BCA74}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{57B19DFB-28AB-46FB-8AA9-E64C83F29A21}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{5DD1D03C-C0AA-4D7B-9A5D-C6EEDA2DE0F2}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{5E105ADD-DC5A-4E8D-85E0-0506E9733670}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{6512DE4A-26E4-4286-AE4F-D094E1F92F70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A49DDB0-81C5-4904-9965-98AFC59E76E5}" = protocol=17 | dir=in | app=c:\users\pavel\appdata\roaming\utorrent\utorrent.exe |
"{748CF2CF-4267-49A1-B8D5-22F26759C9DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74CF0DF8-C044-4B24-B567-B84044140F87}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7AEF1784-4130-44D2-B15C-7A5F548BBFB4}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{84047555-BD23-4DD0-9D7C-B68BCA9EE957}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{84CBF3B8-09EE-4067-AB9F-7334AD6C0070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{8E27E036-7817-462D-A348-025787B66BE9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{925A0B67-15AF-4185-8712-4532BEDD80CC}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{A052A045-9091-4D90-9709-8E5934E78804}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A1C7A375-C7A5-435B-AE8F-59800295453C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{A2594EF2-FD81-4F77-961B-9485C8BBD705}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2EAA855-7B7C-4B15-9809-C510B18764BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2FCD9DA-5421-4D01-B7D3-7E422F4BD885}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{A54807E4-FA3B-4306-9B18-64283BEAAB36}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{A87E8771-FF6F-4EC6-84E1-AC3DCF1E190B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{AA07AB4B-54D4-49F6-A58B-B709FCCB2AA0}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{AB244922-85E0-4EF9-B3D4-05CFEA47688B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC3B17EF-5F3A-488F-A485-4971516262BA}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{AF22B336-F752-4909-95C3-02259FB9F2FB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{B1147167-8765-4D2A-AF15-570B5FCFB9DD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{B1808898-67DE-45AD-8D1F-82BA0CE6285E}" = protocol=6 | dir=in | app=c:\users\pavel\appdata\roaming\utorrent\utorrent.exe |
"{B1D271EA-9BD3-4083-84FE-6CBAD5419FAA}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{BCFDB043-6127-4F10-904E-2612DC803B4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C14394CD-B4DB-47CA-95E0-125E83FDCF60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C184F58A-488A-4D3A-9E5C-CC8474945D51}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{C8012E6B-A1E3-4427-9159-0D8F9636CD79}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{C8F1AEC5-E5AC-4EF5-84F7-C98A4A03E74B}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{C9B0C5D4-F82F-4B3E-AE28-632821CBDE4D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{D024D7DA-9A85-4067-BC46-9C09F06F9182}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{D2803FFD-0BE0-47DB-9D7E-1F82E982D11B}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{DA7ACFE8-46C7-43DE-BE72-20B0668E041B}" = dir=in | app=e:\setup.exe |
"{DC00467C-22E4-4D56-B277-E67FBE8C7D60}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{DC04D321-38F5-4974-B894-1678C3C3EBF0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{DC7322A7-3796-404A-83AC-E85FFE2FC181}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E738B32C-5060-4FE6-9666-5131E2439ACA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EC06FDD4-B193-40B5-A1C3-E896DD2C6D79}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{EE564481-1046-488B-856C-CBC24B61E12B}" = dir=in | app=e:\setup.exe |
"{F1DE00F9-822D-47CD-8193-12C5C3816D3F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F35BED6E-1E6E-4FC0-9565-FA1C66E4BE32}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F46DE966-AFC9-4825-AACB-94128FBCBB6E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{F4D15B3E-1D64-452C-AF49-ABA57A1E5A84}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FED71793-178A-4C70-8643-95D1A12C620C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{00D55303-90F6-403A-B26D-89ABD5986DA9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{3375E428-B6FA-4DA8-847E-ECAFE54294D9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{2AD51F7F-F6DE-4F4C-8A74-DE74C3F02814}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{2FC01A27-F4AE-4DF5-9D95-CC00E8721DA5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A02609EB-395E-4638-8DD7-30CE043014E5}" = ANT Drivers Installer x64
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{AB1AA952-0F66-42B2-B8B0-6B94FC500132}" = ESET NOD32 Antivirus
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}" = Garmin Communicator Plugin x64
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6294D78-AFAA-48DF-8243-B41902D7F236}" = CorelDRAW Graphics Suite X6 - CZ (x64)
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{032A13FF-D26D-4844-9597-7EF698627985}" = Garmin Communicator Plugin
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}" = Intel(R) Update Manager
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2CA2E1CC-2491-45BF-908D-7E7CE8DF3063}" = LavasoftTcpService
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{560D64A9-BDFD-44B7-90D1-8FBBED7F4A19}" = Garmin Express
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D181996-F404-4639-9B95-15012541CB7C}" = Garmin Express Tray
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}" = Garmin Express
"{82f3b1b4-2a5d-4ff3-b951-368f2ba905b0}" = Nero 9 Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8BC95771-8634-499F-9EA5-1498A2701C7A}" = Ad-Aware Web Companion
"{8BC95771-8634-499F-9EA5-1498A2701C7A}_WebCompanion" = Web Companion
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1" = Convert MOV to AVI 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D968FBF3-E4A6-4D82-981D-D7FF9B7BFC30}" = Elevated Installer
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2321021-08A2-44D6-B1DF-BDB415F23EC3}" = Adobe Illustrator CC
"{F2DC2589-C894-43DD-BA70-8FDCA7360584}" = 5600
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"avast" = avast! Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Easy Wireless Setup" = Samsung Easy Wireless Setup
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.3.1025
"Might and Magic® VI" = Might and Magic® VI
"Mozilla Firefox 34.0.5 (x86 cs)" = Mozilla Firefox 34.0.5 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PortraitProfessionalStudio10_is1" = Portrait Professional Studio 10.9
"Revo Uninstaller" = Revo Uninstaller 1.95
"Samsung C410 Series" = Samsung C410 Series
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung Printer Live Update" = Samsung Printer Live Update
"Trojan Remover_is1" = Trojan Remover 6.9.1
"View User Guide" = Zobrazit uživatelskou příručku
"WinX Video Converter_is1" = WinX Video Converter 4.1.1
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14 FREE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.1.2015 18:57:47 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.1.2015 19:09:14 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.1.2015 19:34:12 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.1.2015 19:49:28 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.1.2015 20:24:17 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.1.2015 20:52:58 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.1.2015 7:48:22 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.1.2015 7:54:55 | Computer Name = Pavel-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.1.2015 8:10:04 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 30.1.2015 8:10:04 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 7042
Description =

[ System Events ]
Error - 29.1.2015 21:34:01 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7030
Description = Služba ESET Service je označena jako interaktivní služba. Avšak systém
je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude
fungovat správně.

Error - 30.1.2015 7:46:06 | Computer Name = Pavel-PC | Source = DCOM | ID = 10010
Description =

Error - 30.1.2015 7:48:14 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby IE Search Set bylo dosaženo časového
limitu (30000 ms).

Error - 30.1.2015 7:48:17 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SBRE

Error - 30.1.2015 7:50:02 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).

Error - 30.1.2015 7:50:32 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).

Error - 30.1.2015 7:53:27 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Garmin Core Update Service bylo dosaženo
časového limitu (30000 ms).

Error - 30.1.2015 7:53:27 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7000
Description = Služba Garmin Core Update Service neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 30.1.2015 7:54:03 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SBRE

Error - 30.1.2015 7:59:15 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

< End of report >

#15 Příspěvek od **altrok** » 30 led 2015 14:37

Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic

VIRY.CZ

Vypínání antiviru a zpomalení PC

Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC

Re: Vypínání antiviru a zpomalení PC