Logfile of random's system information tool 1.10 (written by random/random)
Run by Radek at 2016-06-07 18:22:12
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 197 GB (32%) free of 610 GB
Total RAM: 3292 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:01, on 7.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\wscript.exe
C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Radek\Downloads\RSIT.exe
C:\Program Files\trend micro\Radek.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=cmd /c
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - (no file)
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Minecraft.vbs
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
--
End of file - 7891 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\TorchVLC]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Radek\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-05-17 987888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29 462400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-10 679680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-10 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-05-17 987888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-10 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-08-16 10820200]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-05 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-05 175640]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-05 169496]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2014-10-10 283248]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2014-10-10 655472]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-04 7400064]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
"Minecraft"=wscript.exe //B C:\Users\Radek\AppData\Roaming\Minecraft.vbs []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Minecraft"=wscript.exe //B C:\Users\Radek\AppData\Roaming\Minecraft.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~1\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stickies.lnk]
C:\PROGRA~1\Stickies\stickies.exe [2014-03-26 1122304]
C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Minecraft.vbs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 227328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=C:\PROGRA~1\SPlayer\ir50_32.dll
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-06-07 18:22:12 ----D---- C:\rsit
2016-06-07 18:22:12 ----D---- C:\Program Files\trend micro
2016-05-11 15:20:56 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-05-11 15:16:37 ----D---- C:\Users\Radek\AppData\Roaming\Google
2016-05-11 15:13:46 ----D---- C:\Users\Radek\AppData\Roaming\TeamViewer
2016-05-11 12:46:35 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-11 12:46:34 ----A---- C:\Windows\system32\gdi32.dll
2016-05-11 12:46:33 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-11 12:46:32 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-11 12:46:03 ----A---- C:\Windows\system32\InkEd.dll
2016-05-11 12:46:01 ----A---- C:\Windows\system32\win32k.sys
2016-05-11 12:45:58 ----A---- C:\Windows\system32\tzres.dll
2016-05-11 12:45:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 12:45:50 ----A---- C:\Windows\system32\iernonce.dll
2016-05-11 12:45:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-05-11 12:45:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-05-11 12:45:49 ----A---- C:\Windows\system32\urlmon.dll
2016-05-11 12:45:49 ----A---- C:\Windows\system32\occache.dll
2016-05-11 12:45:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 12:45:49 ----A---- C:\Windows\system32\inseng.dll
2016-05-11 12:45:49 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-11 12:45:49 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-11 12:45:48 ----A---- C:\Windows\system32\jsproxy.dll
2016-05-11 12:45:48 ----A---- C:\Windows\system32\jscript9diag.dll
2016-05-11 12:45:48 ----A---- C:\Windows\system32\ieUnatt.exe
2016-05-11 12:45:48 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-11 12:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2016-05-11 12:45:47 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-11 12:45:46 ----A---- C:\Windows\system32\webcheck.dll
2016-05-11 12:45:46 ----A---- C:\Windows\system32\msrating.dll
2016-05-11 12:45:46 ----A---- C:\Windows\system32\iesetup.dll
2016-05-11 12:45:45 ----A---- C:\Windows\system32\wininet.dll
2016-05-11 12:45:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 12:45:44 ----A---- C:\Windows\system32\ieui.dll
2016-05-11 12:45:44 ----A---- C:\Windows\system32\dxtrans.dll
2016-05-11 12:45:43 ----A---- C:\Windows\system32\ieframe.dll
2016-05-11 12:45:42 ----A---- C:\Windows\system32\mshtmled.dll
2016-05-11 12:45:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-05-11 12:45:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-05-11 12:45:40 ----A---- C:\Windows\system32\iertutil.dll
2016-05-11 12:45:39 ----A---- C:\Windows\system32\mshtml.dll
2016-05-11 12:45:38 ----A---- C:\Windows\system32\jscript9.dll
2016-05-11 12:45:37 ----A---- C:\Windows\system32\jscript.dll
2016-05-11 12:45:36 ----A---- C:\Windows\system32\vbscript.dll
2016-05-11 12:45:22 ----A---- C:\Windows\system32\kerberos.dll
2016-05-11 12:45:21 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-05-11 12:45:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-11 12:45:20 ----A---- C:\Windows\system32\ntdll.dll
2016-05-11 12:45:18 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-11 12:45:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-11 12:45:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-11 12:45:17 ----A---- C:\Windows\system32\wdigest.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\sspicli.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\srcore.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\smss.exe
2016-05-11 12:45:17 ----A---- C:\Windows\system32\schannel.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-11 12:45:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-11 12:45:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-11 12:45:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-11 12:45:17 ----A---- C:\Windows\system32\advapi32.dll
2016-05-11 12:45:16 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-11 12:45:16 ----A---- C:\Windows\system32\srclient.dll
2016-05-11 12:45:16 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-11 12:45:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\secur32.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\rstrui.exe
2016-05-11 12:45:15 ----A---- C:\Windows\system32\msobjs.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\msaudite.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\lsass.exe
2016-05-11 12:45:15 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-11 12:45:15 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\credssp.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\auditpol.exe
2016-05-11 12:45:15 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 12:45:15 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 12:45:15 ----A---- C:\Windows\system32\appidapi.dll
2016-05-11 12:45:15 ----A---- C:\Windows\system32\adtschema.dll
2016-05-11 12:45:04 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-11 12:45:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-11 12:45:04 ----A---- C:\Windows\system32\cdd.dll
2016-05-10 19:38:12 ----D---- C:\ProgramData\Google
2016-05-10 19:36:40 ----A---- C:\Windows\system32\aswBoot.exe
2016-05-10 19:21:04 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-05-10 19:21:03 ----A---- C:\Windows\system32\drivers\aswNetSec.sys
2016-05-10 19:20:36 ----A---- C:\Windows\avastSS.scr
2016-05-10 19:20:22 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys
======List of files/folders modified in the last 1 month======
2016-06-07 18:22:23 ----D---- C:\Windows\Temp
2016-06-07 18:22:12 ----D---- C:\Program Files
2016-06-07 18:18:35 ----D---- C:\Users\Radek\AppData\Roaming\Seznam.cz
2016-06-07 18:15:44 ----D---- C:\Windows\system32\config
2016-06-07 18:12:11 ----D---- C:\ProgramData\TorchCrashHandler
2016-06-07 18:11:48 ----D---- C:\Program Files\TrueKey
2016-06-06 20:48:49 ----D---- C:\Users\Radek\AppData\Roaming\.minecraft
2016-06-06 18:54:41 ----SHD---- C:\Windows\Installer
2016-06-06 18:54:26 ----D---- C:\Program Files\McAfee
2016-06-05 11:48:19 ----D---- C:\Scenes
2016-06-05 11:48:19 ----D---- C:\KD
2016-06-05 11:48:19 ----A---- C:\Windows\win.ini
2016-06-05 11:47:46 ----D---- C:\Windows\Prefetch
2016-06-02 21:10:06 ----HD---- C:\ProgramData
2016-06-01 07:18:13 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2016-05-29 11:00:27 ----D---- C:\Windows\System32
2016-05-29 11:00:27 ----D---- C:\Windows\inf
2016-05-29 11:00:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-26 22:28:59 ----D---- C:\Windows\winsxs
2016-05-26 22:28:58 ----SD---- C:\Windows\system32\GWX
2016-05-21 09:18:19 ----D---- C:\Windows\system32\catroot2
2016-05-16 19:33:12 ----D---- C:\ProgramData\McAfee
2016-05-13 03:00:13 ----D---- C:\Windows\system32\appraiser
2016-05-12 17:56:31 ----SHD---- C:\System Volume Information
2016-05-12 17:56:30 ----D---- C:\Windows\Logs
2016-05-12 09:05:30 ----D---- C:\Windows\rescache
2016-05-11 16:01:20 ----D---- C:\Windows\Microsoft.NET
2016-05-11 16:01:16 ----RSD---- C:\Windows\assembly
2016-05-11 15:32:15 ----D---- C:\Install
2016-05-11 15:21:02 ----D---- C:\Program Files\Mozilla Firefox
2016-05-11 15:07:29 ----D---- C:\Windows\ehome
2016-05-11 15:07:29 ----D---- C:\Program Files\Windows Journal
2016-05-11 15:07:28 ----D---- C:\Windows\system32\en-US
2016-05-11 15:07:28 ----D---- C:\Windows\system32\cs-CZ
2016-05-11 15:07:27 ----D---- C:\Program Files\Internet Explorer
2016-05-11 15:07:26 ----D---- C:\Windows\system32\drivers
2016-05-11 13:00:58 ----D---- C:\Windows\system32\MRT
2016-05-11 12:52:39 ----A---- C:\Windows\system32\MRT.exe
2016-05-11 12:43:07 ----D---- C:\Windows\Tasks
2016-05-11 12:43:06 ----D---- C:\Windows\system32\Tasks
2016-05-10 20:13:13 ----D---- C:\Program Files\The Logo Creator v4
2016-05-10 20:12:31 ----HD---- C:\Program Files\InstallShield Installation Information
2016-05-10 20:09:53 ----D---- C:\Program Files\Google
2016-05-10 20:09:10 ----D---- C:\Program Files\Free Videos To DVD
2016-05-10 19:36:32 ----D---- C:\Windows
2016-05-10 19:21:17 ----D---- C:\Windows\system32\DriverStore
2016-05-10 19:20:40 ----D---- C:\ProgramData\AVAST Software
2016-05-10 19:20:26 ----D---- C:\Program Files\AVAST Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-10 58776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-10 221368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-01-02 329384]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-10 35096]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2016-05-10 334776]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-10 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-10 815792]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-10 449640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eusk2par;Aladdin SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2008-12-18 25680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-10 32792]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-10 91168]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-10 124808]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2016-05-10 26776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-03-31 8744448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-08-16 3648424]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-01 393320]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-02 26168]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-02 40504]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys []
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys []
S3 eusk3usb;SmartKey 3 USB; C:\Windows\System32\Drivers\eusk3usb.sys [2005-08-22 43968]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 49664]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-08-14 13528]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-01-15 25200]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-08-14 26328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-10 243296]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-05-10 370656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc.exe [2015-11-25 2353816]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe [2014-02-24 1216520]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2016-05-16 879952]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-05-16 16792]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-05-10 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-04-23 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-03 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2016-05-16 73968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-19 1343400]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-12-16 72704]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-02 269504]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2016-06-07 18:23:05
======MBR======
0x33C08ED0BC007CFB5007501FFCBE1B7CBF1B065057B9E501F3A4CBBDBE07B104386E007C09751383C510E2F4CD188BF583C610497419382C74F6A0B507B4078BF0AC3C0074FCBB0700B40ECD10EBF2884E10E84600732AFE4610807E040B740B807E040C7405A0B60775D2804602068346080683560A00E821007305A0B607EBBC813EFE7D55AA740B807E100074C8A0B707EBA98BFC1E578BF5CBBF05008A5600B408CD1372238AC1243F988ADE8AFC43F7E38BD186D6B106D2EE42F7E239560A77237205394608731CB80102BB007C8B4E028B5600CD1373514F744E32E48A5600CD13EBE48A560060BBAA55B441CD13723681FB55AA7530F6C101742B61606A006A00FF760AFF76086A0068007C6A016A10B4428BF4CD136161730E4F740B32E48A5600CD13EBD661F9C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002C4463A00B87E300000001010007FEFFFF3F000000809D841E00FEFFFF0FFEFFFFBF9D841E82AEB31B000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
Adobe Flash Player 19 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe -maintain activex
Adobe Flash Player 21 NPAPI-->C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_197_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.07) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Shockwave Player 12.2-->"C:\Windows\system32\Adobe\Shockwave 12\uninstaller.exe"
Avast Premier-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
FormatFactory 2.96-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
Fotogalerie-->MsiExec.exe /X{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}
Fotolab Fotosvet-->"C:\Program Files\Fotolab\Fotolab Fotosvet\uninstall.exe"
GIMP 2.8.14-->"C:\Program Files\GIMP 2\uninst\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_F3B2E431EE169D71.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HF Designer 5.2-->"C:\Program Files\HF Designer\unins000.exe"
Intel Security True Key-->C:\Program Files\TrueKey\Mcafee.TrueKey.Uninstaller.Exe
Intel(R) Biometric and Context Agent Redistributables-->MsiExec.exe /X{DD17408A-4066-45D6-8F83-F329C3AFAA6D}
Intel(R) Biometric and Context Agent-->MsiExec.exe /X{A8C4BCA1-00FE-4CC4-B8E4-E56CEA270C89}
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
IrfanView (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 8 Update 77-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218077F0}
Junk Mail filter update-->MsiExec.exe /I{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
KitchenDraw 5.0-->C:\KD\UNWISE.EXE C:\KD\INSTALL.LOG
KitchenDraw 6.0-->"c:\KD\unins000.exe"
LibreOffice 3.3-->MsiExec.exe /I{CEE2613D-3B53-4447-BA2D-E88C08272581}
Microsoft .NET Framework 4.5.2 (CSY)-->MsiExec.exe /X{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}
Microsoft .NET Framework 4.5.2 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{3911CF56-9EF2-39BA-846A-C27BD3CD0685}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850405-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Movie Maker-->MsiExec.exe /X{379A0618-EF50-423C-9637-EEB2D25A4BB4}
Movie Maker-->MsiExec.exe /X{45898170-E68C-4F02-AA35-C2186BF347A3}
Movies Search App for Firefox (Dist. by Koyote-Lab, Inc.)-->C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\FF\uninstall.exe /UN=FF /PID=KYT2-DTX /PCD=IMH
Movies Search App for Internet Explorer (Dist. by Koyote-Lab, Inc.)-->C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\uninstall.exe /UN=IE /PID=KYT2-DTX /PCD=IMH
Mozilla Firefox 46.0.1 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Mozilla Sunbird (0.9)-->C:\Program Files\Mozilla Sunbird\uninstall\uninst.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Optimik 2.36c-->"C:\Program Files\Optimik\unins000.exe"
Ovečky-->C:\Program Files\Ovečky\Uninstall.exe
Photo Common-->MsiExec.exe /X{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}
Photo Gallery-->MsiExec.exe /X{0F929651-F516-4956-90F2-FFBD2CD5D30E}
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
SafeZone Stable 1.48.2066.101-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Samsung Printer Live Update-->C:\Program Files\SamsungPrinterLiveUpdateInstaller\uninstall.exe
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CCEC28F6-82A2-35B0-8FE6-39C22A698F23}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {A4953275-5880-3E7F-ABC2-BE1904624135}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {63474770-8265-373F-8E8A-63BE4DB58739}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {DB389F39-13F5-33DE-B9A2-C2AF6E3D4EDE}
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {BCC414C0-8FCC-3249-B692-4A832E0A9326}
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {DB5B33BE-851E-30AC-AFEC-32082B3448EC}
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {0B89053B-566E-3125-810C-4CFC467F6F39}
Security Update for Microsoft .NET Framework 4.5.2 (KB3142033)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {493E2572-1668-339D-A3C8-A39CBBB2B4E1}
Smart File Advisor 1.1.6-->"C:\Program Files\Smart File Advisor\unins000.exe"
Sony Mobile Update Engine-->C:\Program Files\Sony Mobile\Update Engine\uninst.exe
Sony PC Companion 2.10.303-->"C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Stickies 7.1a-->C:\Windows\uninstallstickies.bat
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Tajemná písmena-->C:\Program Files\Tajemná písmena\Uninstall.exe
Tajuplný ostrov-->C:\Program Files\Tajuplný ostrov\Uninstall.exe
TeamViewer 7-->C:\Program Files\TeamViewer\Version7\uninstall.exe
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Turtix-->C:\Program Files\Turtix\Uninstall.exe
Universal Adb Driver-->MsiExec.exe /I{D9C4202E-6D51-4B06-A8F1-22316E654BCA}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
UsbFix-->C:\UsbFix\Un-UsbFix.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{03D562B5-C4E2-4846-A920-33178788BE00}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{9976E0BD-56A6-4A32-8597-B80FCE62063A}
Windows Live Family Safety-->MsiExec.exe /I{15F16DD9-670C-4B8F-9F92-BC358AB814BD}
Windows Live Family Safety-->MsiExec.exe /X{BF286606-9E68-472C-BAEA-41162F2BF4D1}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{8256F87F-8554-4457-8C3D-3F3324697D9F}
Windows Live Installer-->MsiExec.exe /I{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}
Windows Live Mail-->MsiExec.exe /I{B6FF40EA-AEF2-46FF-9516-9A6512901B97}
Windows Live Mail-->MsiExec.exe /I{D604900F-A275-416C-AF9D-CDEDF58B72DB}
Windows Live Messenger-->MsiExec.exe /X{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}
Windows Live Messenger-->MsiExec.exe /X{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}
Windows Live MIME IFilter-->MsiExec.exe /I{D8E4163F-7ED2-429A-B8C5-C7CE5B797831}
Windows Live Photo Common-->MsiExec.exe /X{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}
Windows Live PIMT Platform-->MsiExec.exe /I{E3445598-4424-4EE2-B71C-C23325F7FB71}
Windows Live SOXE Definitions-->MsiExec.exe /I{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}
Windows Live SOXE-->MsiExec.exe /I{6B6923B9-8719-425B-916C-CD2908F31AAF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}
Windows Live UX Platform-->MsiExec.exe /I{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}
Windows Live Writer Resources-->MsiExec.exe /X{BADEEBDE-ABAF-4650-9149-51614651A1A0}
Windows Live Writer-->MsiExec.exe /X{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}
Windows Live Writer-->MsiExec.exe /X{E5603D65-60FC-47A6-AAC3-D5448227E963}
Windows Live Writer-->MsiExec.exe /X{EFBCA571-617D-484A-9ECA-E301BB6D0750}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
WinRAR 4.20 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
Zoner Photo Studio 16-->"C:\Program Files\Zoner\Photo Studio 16\unins000.exe"
Ztracený poklad 1.2-->"C:\Program Files\Ztracený poklad\unins000.exe"
======System event log======
Computer Name: Radek-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 379714
Source Name: Service Control Manager
Time Written: 20160110174824.439723-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 379713
Source Name: Service Control Manager
Time Written: 20160110174749.199261-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 379712
Source Name: Service Control Manager
Time Written: 20160110174325.215597-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 379711
Source Name: Microsoft-Windows-Eventlog
Time Written: 20160110174320.775586-000
Event Type: Informace
User: Radek-PC\Radek
Computer Name: Radek-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 379710
Source Name: Microsoft-Windows-Eventlog
Time Written: 20160110174320.728786-000
Event Type: Informace
User: Radek-PC\Radek
=====Application event log=====
Computer Name: Radek-PC
Event Code: 1033
Message: Zásady budou vyloučeny, protože jsou definovány jen s atributem Pouze přepsat.
Názvy zásad=(IIS-W3SVC-MaxConcurrentRequests) (Microsoft.Windows.Smc-Enabled) (Telnet-Client-EnableTelnetClient) (Telnet-Server-EnableTelnetServer) (TiffIFilterLicensing-EnableTiffIFilter) (nfs-admincmdtools-enabled) (nfs-adminmmc-enabled) (nfs-clientcmdtools-enabled) (nfs-clientcore-enabled) (sua-EnableSUA)
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
ID SKU=7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Record Number: 84712
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20160110195057.000000-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 1066
Message: Inicializační stav pro objekty služby
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000
Record Number: 84711
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20160110195056.000000-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 900
Message: Služba Ochrana softwaru se spouští.
Record Number: 84710
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20160110195056.000000-000
Event Type: Informace
User:
Computer Name: Radek-PC
Event Code: 10001
Message: Ukončování relace 1, zahájení 2016-01-10T18:06:27.540297300Z.
Record Number: 84709
Source Name: Microsoft-Windows-RestartManager
Time Written: 20160110180627.555897-000
Event Type: Informace
User: Radek-PC\Radek
Computer Name: Radek-PC
Event Code: 10000
Message: Zahajování relace 1 – 2016-01-10T18:06:27.540297300Z.
Record Number: 84708
Source Name: Microsoft-Windows-RestartManager
Time Written: 20160110180627.540297-000
Event Type: Informace
User: Radek-PC\Radek
=====Security event log=====
Computer Name: Radek-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 108080
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160110183947.198436-000
Event Type: Úspěšný audit
User:
Computer Name: Radek-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RADEK-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 108079
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160110183947.198436-000
Event Type: Úspěšný audit
User:
Computer Name: Radek-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 108078
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160110180214.925428-000
Event Type: Úspěšný audit
User:
Computer Name: Radek-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RADEK-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x24c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 108077
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160110180214.925428-000
Event Type: Úspěšný audit
User:
Computer Name: Radek-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-13920682-1251540043-472326298-1000
Název účtu: Radek
Název domény: Radek-PC
ID přihlášení: 0x1ba2b
Record Number: 108076
Source Name: Microsoft-Windows-Eventlog
Time Written: 20160110174320.666386-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Xpress Software\AIDC\Advanced ID Creator
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
Zdravím, mělo by být vše v pořádku, štítek i aktivace je v pořádku. 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
OK. Udělejte tento sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
OTL Extras logfile created on: 7.6.2016 21:46:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,22 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 51,43% Memory free
6,43 Gb Paging File | 4,81 Gb Available in Paging File | 74,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 226,66 Gb Free Space | 38,02% Space Free | Partition Type: NTFS
Drive D: | 109,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 244,14 Gb Total Space | 2,42 Gb Free Space | 0,99% Space Free | Partition Type: NTFS
Drive F: | 221,62 Gb Total Space | 15,89 Gb Free Space | 7,17% Space Free | Partition Type: NTFS
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [CEWE prezentace] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\CEWE prezentace.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\Fotolab Fotosvet.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02443430-1816-4DC5-B44A-B9B8B5D804D7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0DB55C80-F696-4872-8A29-1FB181809426}" = lport=138 | protocol=17 | dir=in | app=system |
"{232AEEA9-8334-4211-B5F5-1017E55993B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25101A7E-4E3A-4C01-B363-66256022EC47}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{284CE83F-26BB-4774-82D2-775F644803BA}" = rport=445 | protocol=6 | dir=out | app=system |
"{2E5B4C17-2BFD-4851-B6D4-5BA29EA70EA9}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{321AD310-2DD6-4601-AA5E-9167A9FC89A1}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{422E4E35-7ABE-4458-A5C3-07EB2B4DF1DA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{44812B82-2E8C-4BC6-AC96-866270FA8F01}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{52ACBCAE-7EFA-4502-B173-E67C75EB8BB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5837EE36-624F-4599-8761-1CAC97401C83}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{633AE330-4F5A-4A63-84C9-A36CB985DE41}" = lport=137 | protocol=17 | dir=in | app=system |
"{6B318683-64A4-41EE-A5C5-F7FB8FB0A17C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6F622A75-19CE-4D93-AC49-4E9415306A24}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{765109C2-698E-4E28-B07A-941DB184BFC3}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{7D0BFA8E-1F08-4E45-87EA-BA78C303CE44}" = rport=137 | protocol=17 | dir=out | app=system |
"{7E23E9BF-58B4-4A28-8278-DCBBA58C201C}" = lport=445 | protocol=6 | dir=in | app=system |
"{86FC59F9-A1BA-41D3-A650-63B7FFB8EB44}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8D8E4681-0929-4648-B973-1129C9A80ABA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90FE4889-BE57-469A-898A-7F33E3D4BD39}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91BC9028-79EC-4BD2-BB5B-5EE001CE2E1B}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{91BE4508-A952-451D-B48A-77C73381B80B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95FED4F9-FF6D-466B-91DA-2024F2E6E5F8}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{A15C7946-2A8D-4A28-A68F-E5A91924790C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6242DA5-00F9-4A96-BC04-4CF30FBAAA4F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C56B238F-2A5F-43E6-9823-3AFF715297FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5F01B3A-6DEA-4D3F-9AB2-4978DB422321}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8A7C5B5-0E3E-4B3F-9829-B10C2F821610}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{CF09C014-D70A-44E3-94B2-C63E2090E828}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFDC0956-A67E-40E2-8639-C1A1DA059A61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0104FC5-B62E-4D53-AF10-3B1C26D4F493}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6DC7DA4-E552-421F-82D9-6437F82AA178}" = lport=139 | protocol=6 | dir=in | app=system |
"{E13BD079-A252-4928-B622-ECE57393CC4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E702F12D-A858-4596-91D5-A778BC22BA11}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{F4D424C4-5452-4451-B886-27A304C32317}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{F4FF1FD0-A107-4065-8D4D-256326209217}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC73E331-4B85-418D-B52A-0CE608E9C570}" = rport=139 | protocol=6 | dir=out | app=system |
"{FD1135E5-2571-49F1-9A1D-D1FD218837DE}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D21149-D4FF-471C-B071-9E0FE9668EDA}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\mxup.exe |
"{167D2C54-14DB-4AFE-B625-47EA671189BB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B30E0E4-1F90-42A1-B7B0-CF0633C3F46E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1BE584B6-B8F9-473F-836E-938846495B8A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2BD7E028-B4A6-4B40-BC28-5F1786FDD0CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{335705F2-481C-4923-AA3F-C67B62249491}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{3673DCF8-99C4-40F6-A346-CC65BFAC125B}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{3BC2A5C6-AE37-4F0B-9D87-6775E8722D46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E3C212B-51D3-4934-A6C9-6AF16F596480}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46752FF5-9BF2-4984-968B-EAAC42B66494}" = dir=in | app=c:\users\radek\appdata\local\torch\plugins\hola\hola_plugin.exe |
"{467A8610-5487-415C-812B-73F0AF8DDCA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4AB8EA5D-4590-4091-98E3-BCF5397CB9B1}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe |
"{4C0D6703-CA53-4580-A3D0-22E1B9BC49C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57DA0B07-3973-4BFA-BC16-EB1B47ABFE74}" = dir=out | app=c:\games\world_of_tanks\wotlauncher.exe |
"{581C0F6C-1E11-478F-B2F6-41ABF3B22C23}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\mxup.exe |
"{58B4EF85-A775-4BD1-9F1A-1C8E33F5E8E4}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{610EBBDF-43AA-40D8-8A96-FD07B1D78571}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68D371D9-C9D5-4FC2-B5D7-4E30B10682FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{767CA61E-7FC7-4464-9A23-D226D16BF9A1}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe |
"{76884D5D-267C-4612-95DD-4D7172327E56}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{79D3C0FA-B8FE-49B1-9EC4-3BD948B2D365}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81D9986A-5490-4D19-B05F-A4E3C025613C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{84FCD33A-EBC8-4DBE-85C5-094142893C74}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E574FF1-F3E9-4E3B-9B40-535144C51F60}" = dir=in | app=c:\users\radek\appdata\local\torch\application\torch.exe |
"{9F98AE8E-75D6-42CA-9580-A308C4F43747}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A57C91A0-FC15-4469-A365-736D293926DA}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{A9D158AB-6FE4-4A15-8B24-0BD7896D10EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADC36552-8D9A-4E1F-86AD-D3CFDECB7709}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{B6434F78-5738-4F76-A9F8-0E2DC751FC9E}" = dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{B8BEECCB-4FD5-4D76-8813-8EE46E825CBE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{BB7CFFC1-7E9D-4DF4-95DB-3DC99F6A2E2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CACED96F-8AC4-46F1-9F33-7A0186E267E2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{CC4A4A95-0904-4165-99F7-C66989A1EE3A}" = dir=out | app=c:\games\world_of_tanks\worldoftanks.exe |
"{D34C8690-A975-4D1B-943D-22DE45529D33}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D3B4D40A-4B9A-4FF7-B129-4465AA832680}" = protocol=17 | dir=in | app=c:\program files\movies app\datamngr\srtool~1\ie\dtuser.exe |
"{D9D1AC7B-0B10-447F-A824-A76C1F3F7CF0}" = dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{DD90D6DC-382B-46B9-9328-5BCF9EC61D8A}" = protocol=6 | dir=in | app=c:\program files\movies app\datamngr\srtool~1\ie\dtuser.exe |
"{FE3156AA-0304-486C-89F8-939794BD3B45}" = protocol=6 | dir=out | app=system |
"TCP Query User{386B1FD7-F3E8-4C5D-A41E-4FD061394BC8}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"TCP Query User{390669AE-98EB-4C5D-A429-54C38F248E3B}C:\games\world_of_warships\wowslauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
"TCP Query User{83BDF750-B9DA-4350-9FC2-808274370421}C:\program files\flatout\flatout.exe" = protocol=6 | dir=in | app=c:\program files\flatout\flatout.exe |
"TCP Query User{9D241028-3836-43DF-8E5A-A97F44965CC1}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{EE09D9EE-0BCE-42A0-94FD-01AE5154D4C9}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{FF21BF30-330A-493A-BF1A-D6B96D8E34CD}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{7C1EE2B2-7D21-4BFC-B1C6-A1F72D5B9C6D}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{8E7DA1B5-F3B1-4736-93A5-7663D389AC0D}C:\program files\flatout\flatout.exe" = protocol=17 | dir=in | app=c:\program files\flatout\flatout.exe |
"UDP Query User{A38940E0-A684-4E32-AA8F-9D632F3681E7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{AABCA1D4-0A00-4631-A310-7CF81CF57A4C}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"UDP Query User{D06E5B40-D378-4443-9418-6F8DE8ADED0D}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{D581F1FA-1E18-4E24-9A84-8742805E01FB}C:\games\world_of_warships\wowslauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1" = Ztracený poklad 1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}" = Microsoft .NET Framework 4.5.2 (CSY)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8C4BCA1-00FE-4CC4-B8E4-E56CEA270C89}" = Intel(R) Biometric and Context Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BF286606-9E68-472C-BAEA-41162F2BF4D1}" = Windows Live Family Safety
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CEE2613D-3B53-4447-BA2D-E88C08272581}" = LibreOffice 3.3
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D8E4163F-7ED2-429A-B8C5-C7CE5B797831}" = Windows Live MIME IFilter
"{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver
"{DD17408A-4066-45D6-8F83-F329C3AFAA6D}" = Intel(R) Biometric and Context Agent Redistributables
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.303
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"Avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"FormatFactory" = FormatFactory 2.96
"Fotolab Fotosvet" = Fotolab Fotosvet
"GIMP-2_is1" = GIMP 2.8.14
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HF Designer 5.2
"imeshkoyotesoftmoviestoolbarFF" = Movies Search App for Firefox (Dist. by Koyote-Lab, Inc.)
"imeshkoyotesoftmoviestoolbarIE" = Movies Search App for Internet Explorer (Dist. by Koyote-Lab, Inc.)
"IrfanView" = IrfanView (remove only)
"KitchenDraw 5.0" = KitchenDraw 5.0
"KitchenDraw_is1" = KitchenDraw 6.0
"Mozilla Firefox 46.0.1 (x86 cs)" = Mozilla Firefox 46.0.1 (x86 cs)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Optimik_is1" = Optimik 2.36c
"Ovečky" = Ovečky
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"Samsung Printer Live Update" = Samsung Printer Live Update
"Smart File Advisor_is1" = Smart File Advisor 1.1.6
"Tajemná písmena" = Tajemná písmena
"Tajuplný ostrov" = Tajuplný ostrov
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"TrueKey" = Intel Security True Key
"Turtix" = Turtix
"Update Engine" = Sony Mobile Update Engine
"Usbfix" = UsbFix
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"ZhornStickies" = Stickies 7.1a
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1" = World of Tanks
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1" = World of Warships
"SeznamInstall" = Seznam Software
"SquareClock_Production_Home_Siko_Web" = Siko Web Kitchen Planner
"Torch" = Torch
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.5.2016 4:40:47 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 29.5.2016 15:00:14 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 30.5.2016 17:21:44 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 30.5.2016 18:00:01 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 31.5.2016 1:27:25 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 31.5.2016 20:04:19 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 2.6.2016 14:48:51 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 3.6.2016 9:04:49 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 5.6.2016 3:44:27 | Computer Name = Radek-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: kd_app.exe, verze: 0.0.0.0, časové razítko:
0x7acc478b Název chybujícího modulu: USER32.dll, verze: 6.1.7601.19061, časové razítko:
0x56423964 Kód výjimky: 0xc0000005 Posun chyby: 0x00014065 ID chybujícího procesu:
0x1694 Čas spuštění chybující aplikace: 0x01d1befe100d7f02 Cesta k chybující aplikaci:
C:\KD\kd_app.exe Cesta k chybujícímu modulu: C:\Windows\system32\USER32.dll ID zprávy:
53f7453a-2af1-11e6-b8ca-50e54920e336
Error - 7.6.2016 12:17:21 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
[ System Events ]
Error - 5.6.2016 2:56:04 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7001
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) závisí na službě
Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 5.6.2016 6:01:44 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 5.6.2016 12:09:51 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 6.6.2016 12:50:45 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 12:12:05 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 12:37:12 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 13:01:16 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:16 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:17 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:17 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,22 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 51,43% Memory free
6,43 Gb Paging File | 4,81 Gb Available in Paging File | 74,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 226,66 Gb Free Space | 38,02% Space Free | Partition Type: NTFS
Drive D: | 109,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 244,14 Gb Total Space | 2,42 Gb Free Space | 0,99% Space Free | Partition Type: NTFS
Drive F: | 221,62 Gb Total Space | 15,89 Gb Free Space | 7,17% Space Free | Partition Type: NTFS
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [CEWE prezentace] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\CEWE prezentace.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet] -- "C:\Program Files\Fotolab\Fotolab Fotosvet\Fotolab Fotosvet.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02443430-1816-4DC5-B44A-B9B8B5D804D7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0DB55C80-F696-4872-8A29-1FB181809426}" = lport=138 | protocol=17 | dir=in | app=system |
"{232AEEA9-8334-4211-B5F5-1017E55993B9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25101A7E-4E3A-4C01-B363-66256022EC47}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{284CE83F-26BB-4774-82D2-775F644803BA}" = rport=445 | protocol=6 | dir=out | app=system |
"{2E5B4C17-2BFD-4851-B6D4-5BA29EA70EA9}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{321AD310-2DD6-4601-AA5E-9167A9FC89A1}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{422E4E35-7ABE-4458-A5C3-07EB2B4DF1DA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{44812B82-2E8C-4BC6-AC96-866270FA8F01}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{52ACBCAE-7EFA-4502-B173-E67C75EB8BB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5837EE36-624F-4599-8761-1CAC97401C83}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{633AE330-4F5A-4A63-84C9-A36CB985DE41}" = lport=137 | protocol=17 | dir=in | app=system |
"{6B318683-64A4-41EE-A5C5-F7FB8FB0A17C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6F622A75-19CE-4D93-AC49-4E9415306A24}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{765109C2-698E-4E28-B07A-941DB184BFC3}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{7D0BFA8E-1F08-4E45-87EA-BA78C303CE44}" = rport=137 | protocol=17 | dir=out | app=system |
"{7E23E9BF-58B4-4A28-8278-DCBBA58C201C}" = lport=445 | protocol=6 | dir=in | app=system |
"{86FC59F9-A1BA-41D3-A650-63B7FFB8EB44}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8D8E4681-0929-4648-B973-1129C9A80ABA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90FE4889-BE57-469A-898A-7F33E3D4BD39}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91BC9028-79EC-4BD2-BB5B-5EE001CE2E1B}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{91BE4508-A952-451D-B48A-77C73381B80B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95FED4F9-FF6D-466B-91DA-2024F2E6E5F8}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{A15C7946-2A8D-4A28-A68F-E5A91924790C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6242DA5-00F9-4A96-BC04-4CF30FBAAA4F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C56B238F-2A5F-43E6-9823-3AFF715297FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5F01B3A-6DEA-4D3F-9AB2-4978DB422321}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8A7C5B5-0E3E-4B3F-9829-B10C2F821610}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{CF09C014-D70A-44E3-94B2-C63E2090E828}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFDC0956-A67E-40E2-8639-C1A1DA059A61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0104FC5-B62E-4D53-AF10-3B1C26D4F493}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6DC7DA4-E552-421F-82D9-6437F82AA178}" = lport=139 | protocol=6 | dir=in | app=system |
"{E13BD079-A252-4928-B622-ECE57393CC4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E702F12D-A858-4596-91D5-A778BC22BA11}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{F4D424C4-5452-4451-B886-27A304C32317}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{F4FF1FD0-A107-4065-8D4D-256326209217}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC73E331-4B85-418D-B52A-0CE608E9C570}" = rport=139 | protocol=6 | dir=out | app=system |
"{FD1135E5-2571-49F1-9A1D-D1FD218837DE}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D21149-D4FF-471C-B071-9E0FE9668EDA}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\mxup.exe |
"{167D2C54-14DB-4AFE-B625-47EA671189BB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B30E0E4-1F90-42A1-B7B0-CF0633C3F46E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1BE584B6-B8F9-473F-836E-938846495B8A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2BD7E028-B4A6-4B40-BC28-5F1786FDD0CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{335705F2-481C-4923-AA3F-C67B62249491}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{3673DCF8-99C4-40F6-A346-CC65BFAC125B}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{3BC2A5C6-AE37-4F0B-9D87-6775E8722D46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E3C212B-51D3-4934-A6C9-6AF16F596480}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46752FF5-9BF2-4984-968B-EAAC42B66494}" = dir=in | app=c:\users\radek\appdata\local\torch\plugins\hola\hola_plugin.exe |
"{467A8610-5487-415C-812B-73F0AF8DDCA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4AB8EA5D-4590-4091-98E3-BCF5397CB9B1}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe |
"{4C0D6703-CA53-4580-A3D0-22E1B9BC49C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57DA0B07-3973-4BFA-BC16-EB1B47ABFE74}" = dir=out | app=c:\games\world_of_tanks\wotlauncher.exe |
"{581C0F6C-1E11-478F-B2F6-41ABF3B22C23}" = protocol=17 | dir=in | app=c:\program files\maxthon\bin\mxup.exe |
"{58B4EF85-A775-4BD1-9F1A-1C8E33F5E8E4}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{610EBBDF-43AA-40D8-8A96-FD07B1D78571}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68D371D9-C9D5-4FC2-B5D7-4E30B10682FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{767CA61E-7FC7-4464-9A23-D226D16BF9A1}" = protocol=6 | dir=in | app=c:\program files\maxthon\bin\maxthon.exe |
"{76884D5D-267C-4612-95DD-4D7172327E56}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{79D3C0FA-B8FE-49B1-9EC4-3BD948B2D365}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81D9986A-5490-4D19-B05F-A4E3C025613C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{84FCD33A-EBC8-4DBE-85C5-094142893C74}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E574FF1-F3E9-4E3B-9B40-535144C51F60}" = dir=in | app=c:\users\radek\appdata\local\torch\application\torch.exe |
"{9F98AE8E-75D6-42CA-9580-A308C4F43747}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A57C91A0-FC15-4469-A365-736D293926DA}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{A9D158AB-6FE4-4A15-8B24-0BD7896D10EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADC36552-8D9A-4E1F-86AD-D3CFDECB7709}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{B6434F78-5738-4F76-A9F8-0E2DC751FC9E}" = dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{B8BEECCB-4FD5-4D76-8813-8EE46E825CBE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{BB7CFFC1-7E9D-4DF4-95DB-3DC99F6A2E2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CACED96F-8AC4-46F1-9F33-7A0186E267E2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{CC4A4A95-0904-4165-99F7-C66989A1EE3A}" = dir=out | app=c:\games\world_of_tanks\worldoftanks.exe |
"{D34C8690-A975-4D1B-943D-22DE45529D33}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D3B4D40A-4B9A-4FF7-B129-4465AA832680}" = protocol=17 | dir=in | app=c:\program files\movies app\datamngr\srtool~1\ie\dtuser.exe |
"{D9D1AC7B-0B10-447F-A824-A76C1F3F7CF0}" = dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{DD90D6DC-382B-46B9-9328-5BCF9EC61D8A}" = protocol=6 | dir=in | app=c:\program files\movies app\datamngr\srtool~1\ie\dtuser.exe |
"{FE3156AA-0304-486C-89F8-939794BD3B45}" = protocol=6 | dir=out | app=system |
"TCP Query User{386B1FD7-F3E8-4C5D-A41E-4FD061394BC8}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"TCP Query User{390669AE-98EB-4C5D-A429-54C38F248E3B}C:\games\world_of_warships\wowslauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
"TCP Query User{83BDF750-B9DA-4350-9FC2-808274370421}C:\program files\flatout\flatout.exe" = protocol=6 | dir=in | app=c:\program files\flatout\flatout.exe |
"TCP Query User{9D241028-3836-43DF-8E5A-A97F44965CC1}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{EE09D9EE-0BCE-42A0-94FD-01AE5154D4C9}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{FF21BF30-330A-493A-BF1A-D6B96D8E34CD}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{7C1EE2B2-7D21-4BFC-B1C6-A1F72D5B9C6D}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{8E7DA1B5-F3B1-4736-93A5-7663D389AC0D}C:\program files\flatout\flatout.exe" = protocol=17 | dir=in | app=c:\program files\flatout\flatout.exe |
"UDP Query User{A38940E0-A684-4E32-AA8F-9D632F3681E7}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{AABCA1D4-0A00-4631-A310-7CF81CF57A4C}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"UDP Query User{D06E5B40-D378-4443-9418-6F8DE8ADED0D}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{D581F1FA-1E18-4E24-9A84-8742805E01FB}C:\games\world_of_warships\wowslauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1" = Ztracený poklad 1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}" = Microsoft .NET Framework 4.5.2 (CSY)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8C4BCA1-00FE-4CC4-B8E4-E56CEA270C89}" = Intel(R) Biometric and Context Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BF286606-9E68-472C-BAEA-41162F2BF4D1}" = Windows Live Family Safety
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CEE2613D-3B53-4447-BA2D-E88C08272581}" = LibreOffice 3.3
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D8E4163F-7ED2-429A-B8C5-C7CE5B797831}" = Windows Live MIME IFilter
"{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver
"{DD17408A-4066-45D6-8F83-F329C3AFAA6D}" = Intel(R) Biometric and Context Agent Redistributables
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.303
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"Avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"FormatFactory" = FormatFactory 2.96
"Fotolab Fotosvet" = Fotolab Fotosvet
"GIMP-2_is1" = GIMP 2.8.14
"Google Chrome" = Google Chrome
"HappyFoto-Designer_is1" = HF Designer 5.2
"imeshkoyotesoftmoviestoolbarFF" = Movies Search App for Firefox (Dist. by Koyote-Lab, Inc.)
"imeshkoyotesoftmoviestoolbarIE" = Movies Search App for Internet Explorer (Dist. by Koyote-Lab, Inc.)
"IrfanView" = IrfanView (remove only)
"KitchenDraw 5.0" = KitchenDraw 5.0
"KitchenDraw_is1" = KitchenDraw 6.0
"Mozilla Firefox 46.0.1 (x86 cs)" = Mozilla Firefox 46.0.1 (x86 cs)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Optimik_is1" = Optimik 2.36c
"Ovečky" = Ovečky
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"Samsung Printer Live Update" = Samsung Printer Live Update
"Smart File Advisor_is1" = Smart File Advisor 1.1.6
"Tajemná písmena" = Tajemná písmena
"Tajuplný ostrov" = Tajuplný ostrov
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"TrueKey" = Intel Security True Key
"Turtix" = Turtix
"Update Engine" = Sony Mobile Update Engine
"Usbfix" = UsbFix
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"ZhornStickies" = Stickies 7.1a
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1" = World of Tanks
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1" = World of Warships
"SeznamInstall" = Seznam Software
"SquareClock_Production_Home_Siko_Web" = Siko Web Kitchen Planner
"Torch" = Torch
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.5.2016 4:40:47 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 29.5.2016 15:00:14 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 30.5.2016 17:21:44 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 30.5.2016 18:00:01 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 31.5.2016 1:27:25 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 31.5.2016 20:04:19 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 2.6.2016 14:48:51 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 3.6.2016 9:04:49 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
Error - 5.6.2016 3:44:27 | Computer Name = Radek-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: kd_app.exe, verze: 0.0.0.0, časové razítko:
0x7acc478b Název chybujícího modulu: USER32.dll, verze: 6.1.7601.19061, časové razítko:
0x56423964 Kód výjimky: 0xc0000005 Posun chyby: 0x00014065 ID chybujícího procesu:
0x1694 Čas spuštění chybující aplikace: 0x01d1befe100d7f02 Cesta k chybující aplikaci:
C:\KD\kd_app.exe Cesta k chybujícímu modulu: C:\Windows\system32\USER32.dll ID zprávy:
53f7453a-2af1-11e6-b8ca-50e54920e336
Error - 7.6.2016 12:17:21 | Computer Name = Radek-PC | Source = System Restore | ID = 8193
Description =
[ System Events ]
Error - 5.6.2016 2:56:04 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7001
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) závisí na službě
Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 5.6.2016 6:01:44 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 5.6.2016 12:09:51 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 6.6.2016 12:50:45 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 12:12:05 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 12:37:12 | Computer Name = Radek-PC | Source = Service Control Manager | ID = 7000
Description = Služba Service Installer TrueKey neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 7.6.2016 13:01:16 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:16 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:17 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
Error - 7.6.2016 13:01:17 | Computer Name = Radek-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR3.
< End of report >
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
L logfile created on: 7.6.2016 21:46:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,22 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 51,43% Memory free
6,43 Gb Paging File | 4,81 Gb Available in Paging File | 74,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 226,66 Gb Free Space | 38,02% Space Free | Partition Type: NTFS
Drive D: | 109,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 244,14 Gb Total Space | 2,42 Gb Free Space | 0,99% Space Free | Partition Type: NTFS
Drive F: | 221,62 Gb Total Space | 15,89 Gb Free Space | 7,17% Space Free | Partition Type: NTFS
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016.06.07 21:44:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Downloads\OTL.exe
PRC - [2016.06.07 18:41:09 | 007,391,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016.06.07 18:41:08 | 000,243,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016.05.16 15:26:56 | 000,016,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\TrueKey\McTkSchedulerService.exe
PRC - [2016.05.16 15:26:28 | 000,879,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
PRC - [2016.05.13 19:43:00 | 006,690,008 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016.05.03 05:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016.03.20 22:57:26 | 000,927,256 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015.11.25 14:25:08 | 002,353,816 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\BCA\pabeSvc.exe
PRC - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2014.12.18 23:18:39 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014.10.10 23:54:12 | 000,655,472 | ---- | M] (Filefacts.net) -- C:\Program Files\Smart File Advisor\SFAUpdater.exe
PRC - [2014.02.24 02:11:59 | 001,216,520 | ---- | M] (TorchMedia Inc.) -- C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2010.11.20 14:16:56 | 000,776,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2016.06.07 18:41:11 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.06.07 18:41:09 | 000,479,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016.06.07 18:41:09 | 000,135,816 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016.06.07 18:41:09 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2015.05.26 13:38:34 | 000,862,888 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader.dll
MOD - [2015.02.17 10:35:00 | 000,764,416 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\libchinst.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -- (InstallerService)
SRV - [2016.06.07 18:41:08 | 000,243,296 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016.05.16 15:36:10 | 000,073,968 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV - [2016.05.16 15:26:56 | 000,016,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV - [2016.05.16 15:26:28 | 000,879,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV - [2016.05.03 05:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.04.23 05:58:39 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.04.02 20:03:28 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.11.25 14:25:08 | 002,353,816 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc.exe -- (IntelBCAsvc)
SRV - [2015.07.22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.06.10 11:11:26 | 000,155,520 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2014.02.24 02:11:59 | 001,216,520 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.10.19 12:23:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.08.31 16:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\EtronHub3.sys -- (EtronHub3)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (at1a26cf)
DRV - [2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2016.01.02 17:58:08 | 000,040,504 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV - [2016.01.02 17:57:39 | 000,026,168 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2016.01.02 17:57:37 | 000,329,384 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2015.08.14 21:36:50 | 000,026,328 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsomc.sys -- (ggsomc)
DRV - [2015.08.14 21:36:50 | 000,013,528 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2015.06.11 19:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014.09.03 00:08:56 | 000,052,368 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw.sys -- ({6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw)
DRV - [2013.01.15 19:54:12 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.05.13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008.12.18 12:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2005.08.22 14:02:02 | 000,043,968 | ---- | M] (Eutron) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\eusk3usb.sys -- (eusk3usb)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2000}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{11D54CF3-10F6-4549-8C55-785087FAC7C9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{5CE01EB5-4E04-4D4D-8965-6CD331552D92}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... arch_14875
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{89B320DA-9286-4AB7-B6F3-89F06757AFF4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2000}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{BB6AA2F5-EF82-4A75-BFEF-357030F1FB54}: "URL" = http://websearch.ask.com/redirect?clien ... DD14218EDD
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\TorchVLC: C:\Users\Radek\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Radek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.06.07 18:41:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2014.01.14 18:43:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
[2011.09.19 11:26:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Extensions
[2016.05.11 15:36:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\extensions
[2014.01.14 18:43:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Sunbird\Profiles\9t981bs4.default\extensions
[2016.05.28 11:23:03 | 000,006,303 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\e10srollout@mozilla.org.xpi
[2016.05.28 11:23:04 | 000,686,304 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\firefox@getpocket.com.xpi
[2016.05.28 11:23:05 | 002,043,369 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\loop@mozilla.org.xpi
[2016.05.11 15:20:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
O1 HOSTS File: ([2016.05.11 15:15:07 | 000,000,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" File not found
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SFAUpdater] C:\Program Files\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Minecraft.vbs ()
F3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000 WinNT: Load - (cmd /c) - C:\Windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..Trusted Domains: samsungsetup.com ([www] http in Důvěryhodné weby)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD7B00FB-A18D-4569-A16E-C8CED458A970}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-13920682-1251540043-472326298-1000 Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{00b32511-b15e-11e5-a174-50e54920e336}\Shell - "" = AutoRun
O33 - MountPoints2\{00b32511-b15e-11e5-a174-50e54920e336}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{bf512bc3-5d54-11e2-86c2-50e54920e336}\Shell - "" = AutoRun
O33 - MountPoints2\{bf512bc3-5d54-11e2-86c2-50e54920e336}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies app\datamngr\x64\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Program Files\SPlayer\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2016.06.07 18:44:40 | 000,035,096 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2016.06.07 18:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016.06.07 18:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016.06.07 18:42:40 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2016.06.07 18:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016.06.07 18:41:54 | 000,124,808 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2016.06.07 18:41:53 | 000,449,640 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2016.06.07 18:41:53 | 000,221,368 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2016.06.07 18:41:53 | 000,058,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2016.06.07 18:41:52 | 000,091,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2016.06.07 18:41:52 | 000,032,792 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2016.06.07 18:41:51 | 000,091,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2016.06.07 18:41:50 | 000,815,792 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2016.06.07 18:41:30 | 000,334,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016.06.07 18:41:09 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.06.07 18:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2016.06.07 18:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.06.07 18:22:12 | 000,000,000 | ---D | C] -- C:\rsit
[2016.06.05 22:01:35 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Local\SquareClock.Production_Home_Siko_Web
[2016.05.11 15:25:40 | 000,000,000 | ---D | C] -- C:\Users\Radek\Desktop\Původní data aplikace Firefox
[2016.05.11 15:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2016.05.11 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\Google
[2016.05.11 15:13:46 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2016.05.11 12:46:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2016.05.11 12:46:33 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2016.05.11 12:46:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2016.05.11 12:46:01 | 002,397,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016.05.11 12:45:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016.05.11 12:45:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016.05.11 12:45:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016.05.11 12:45:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016.05.11 12:45:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016.05.11 12:45:49 | 000,689,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016.05.11 12:45:49 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016.05.11 12:45:49 | 000,346,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016.05.11 12:45:49 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016.05.11 12:45:48 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016.05.11 12:45:48 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016.05.11 12:45:48 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016.05.11 12:45:48 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016.05.11 12:45:48 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016.05.11 12:45:47 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016.05.11 12:45:47 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016.05.11 12:45:46 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016.05.11 12:45:46 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016.05.11 12:45:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016.05.11 12:45:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016.05.11 12:45:44 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016.05.11 12:45:44 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016.05.11 12:45:42 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016.05.11 12:45:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016.05.11 12:45:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016.05.11 12:45:38 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016.05.11 12:45:21 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016.05.11 12:45:20 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016.05.11 12:45:17 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016.05.11 12:45:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016.05.11 12:45:17 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016.05.11 12:45:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016.05.11 12:45:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016.05.11 12:45:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016.05.11 12:45:15 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016.05.11 12:45:15 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016.05.11 12:45:15 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016.05.11 12:45:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016.05.11 12:45:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016.05.11 12:45:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016.05.11 12:45:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016.05.11 12:45:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016.05.11 12:45:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016.05.11 12:45:04 | 000,218,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2016.05.11 12:45:04 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2016.05.10 20:38:29 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Local\AVAST Software
[2016.05.10 19:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2016.05.09 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\Radek\Desktop\Mobile všešcky
[2015.11.02 22:01:46 | 001,691,304 | ---- | C] (Mozilla Foundation) -- C:\Users\Radek\AppData\Roaming\nss3.dll
[2015.11.02 22:01:46 | 000,970,912 | ---- | C] (Microsoft Corporation) -- C:\Users\Radek\AppData\Roaming\msvcr120.dll
[2015.11.02 22:01:46 | 000,455,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Radek\AppData\Roaming\msvcp120.dll
[2015.11.02 22:00:22 | 000,095,232 | ---- | C] (Spark) -- C:\ProgramData\svhost
[2015.11.02 22:00:14 | 000,095,232 | ---- | C] (Spark) -- C:\Users\Radek\AppData\Roaming\novonj.exe
[2015.11.02 22:00:10 | 000,233,984 | ---- | C] (BernyR) -- C:\Users\Radek\AppData\Roaming\tetro.exe
[2015.11.02 22:00:05 | 000,261,120 | ---- | C] (Gretech Corporation) -- C:\Users\Radek\AppData\Roaming\444.exe
[2015.11.02 22:00:02 | 000,388,608 | ---- | C] (Techland) -- C:\Users\Radek\AppData\Roaming\111 (2).exe
[2015.11.02 21:59:58 | 000,186,880 | ---- | C] (BernyR) -- C:\Users\Radek\AppData\Roaming\1njnoco.exe
[2013.02.24 19:48:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016.06.07 21:48:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.06.07 21:48:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.06.07 21:16:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.06.07 19:02:36 | 000,668,542 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.06.07 19:02:36 | 000,653,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.06.07 19:02:36 | 000,141,202 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.06.07 19:02:36 | 000,121,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:47:31 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016.06.07 18:46:47 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2016.06.07 18:43:00 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.06.07 18:42:27 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2016.06.07 18:41:09 | 000,334,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016.06.07 18:41:09 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2016.06.07 18:37:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.06.07 18:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.06.07 18:37:02 | 2589,270,016 | -HS- | M] () -- C:\hiberfil.sys
[2016.06.07 18:22:05 | 001,107,968 | ---- | M] () -- C:\Users\Radek\Desktop\RSIT.exe
[2016.06.05 22:02:13 | 000,002,194 | ---- | M] () -- C:\Users\Radek\Desktop\Siko Web Kitchen Planner.lnk
[2016.06.05 11:46:40 | 000,134,589 | ---- | M] () -- C:\Users\Radek\Desktop\půdorys frýša.jpg
[2016.06.05 11:46:05 | 000,091,204 | ---- | M] () -- C:\Users\Radek\Desktop\kuchyn frýša.jpg
[2016.06.05 11:45:46 | 000,001,000 | --S- | M] () -- C:\Users\Public\Documents\mssystem.cfg
[2016.05.11 15:21:01 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.05.11 15:09:40 | 000,300,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016.06.07 21:48:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.06.07 18:47:31 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016.06.07 18:47:31 | 000,001,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[2016.06.07 18:46:47 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016.06.07 18:46:47 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.06.07 18:43:00 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.06.07 18:42:27 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2016.06.07 18:22:02 | 001,107,968 | ---- | C] () -- C:\Users\Radek\Desktop\RSIT.exe
[2016.06.05 22:02:13 | 000,002,194 | ---- | C] () -- C:\Users\Radek\Desktop\Siko Web Kitchen Planner.lnk
[2016.06.05 11:46:40 | 000,134,589 | ---- | C] () -- C:\Users\Radek\Desktop\půdorys frýša.jpg
[2016.06.05 11:46:05 | 000,091,204 | ---- | C] () -- C:\Users\Radek\Desktop\kuchyn frýša.jpg
[2016.05.11 15:21:01 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016.05.11 15:21:01 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.03.29 20:31:02 | 000,116,837 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\Minecraft.vbs
[2016.01.23 11:07:45 | 000,005,389 | ---- | C] () -- C:\Users\Radek\AppData\Local\recently-used.xbel
[2016.01.11 08:26:55 | 000,300,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.11.21 14:14:45 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014.12.17 10:56:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014.12.17 10:54:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014.07.18 23:15:38 | 000,018,280 | ---- | C] () -- C:\Windows\System32\roboot.exe
[2014.03.08 11:57:01 | 000,005,319 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\froggy_scorebox
[2014.03.08 11:57:01 | 000,000,906 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pl_accounts.pl_acc
[2014.03.08 11:57:01 | 000,000,556 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\Troll.options
[2014.01.21 23:01:03 | 000,021,504 | ---- | C] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.24 19:48:24 | 000,087,608 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2013.02.24 19:48:24 | 000,007,887 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2013.02.24 19:48:24 | 000,001,144 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2012.10.19 13:25:59 | 000,000,126 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\default.pls
[2011.09.19 12:06:00 | 000,001,024 | ---- | C] () -- C:\Users\Radek\.rnd
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Radek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18314)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,22 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 51,43% Memory free
6,43 Gb Paging File | 4,81 Gb Available in Paging File | 74,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 226,66 Gb Free Space | 38,02% Space Free | Partition Type: NTFS
Drive D: | 109,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 244,14 Gb Total Space | 2,42 Gb Free Space | 0,99% Space Free | Partition Type: NTFS
Drive F: | 221,62 Gb Total Space | 15,89 Gb Free Space | 7,17% Space Free | Partition Type: NTFS
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016.06.07 21:44:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Downloads\OTL.exe
PRC - [2016.06.07 18:41:09 | 007,391,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016.06.07 18:41:08 | 000,243,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016.05.16 15:26:56 | 000,016,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\TrueKey\McTkSchedulerService.exe
PRC - [2016.05.16 15:26:28 | 000,879,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
PRC - [2016.05.13 19:43:00 | 006,690,008 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016.05.03 05:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016.03.20 22:57:26 | 000,927,256 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015.11.25 14:25:08 | 002,353,816 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\BCA\pabeSvc.exe
PRC - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2014.12.18 23:18:39 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014.10.10 23:54:12 | 000,655,472 | ---- | M] (Filefacts.net) -- C:\Program Files\Smart File Advisor\SFAUpdater.exe
PRC - [2014.02.24 02:11:59 | 001,216,520 | ---- | M] (TorchMedia Inc.) -- C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2010.11.20 14:16:56 | 000,776,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2016.06.07 18:41:11 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.06.07 18:41:09 | 000,479,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016.06.07 18:41:09 | 000,135,816 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016.06.07 18:41:09 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2015.05.26 13:38:34 | 000,862,888 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader.dll
MOD - [2015.02.17 10:35:00 | 000,764,416 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\libchinst.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -- (InstallerService)
SRV - [2016.06.07 18:41:08 | 000,243,296 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016.05.16 15:36:10 | 000,073,968 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV - [2016.05.16 15:26:56 | 000,016,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV - [2016.05.16 15:26:28 | 000,879,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV - [2016.05.03 05:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.04.23 05:58:39 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.04.02 20:03:28 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.11.25 14:25:08 | 002,353,816 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc.exe -- (IntelBCAsvc)
SRV - [2015.07.22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.06.10 11:11:26 | 000,155,520 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2014.02.24 02:11:59 | 001,216,520 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Radek\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.10.19 12:23:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.08.31 16:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\EtronHub3.sys -- (EtronHub3)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (at1a26cf)
DRV - [2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2016.01.02 17:58:08 | 000,040,504 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV - [2016.01.02 17:57:39 | 000,026,168 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV - [2016.01.02 17:57:37 | 000,329,384 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2015.08.14 21:36:50 | 000,026,328 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsomc.sys -- (ggsomc)
DRV - [2015.08.14 21:36:50 | 000,013,528 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2015.06.11 19:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014.09.03 00:08:56 | 000,052,368 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw.sys -- ({6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw)
DRV - [2013.01.15 19:54:12 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.05.13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008.12.18 12:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2005.08.22 14:02:02 | 000,043,968 | ---- | M] (Eutron) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\eusk3usb.sys -- (eusk3usb)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2000}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{11D54CF3-10F6-4549-8C55-785087FAC7C9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{5CE01EB5-4E04-4D4D-8965-6CD331552D92}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... arch_14875
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{89B320DA-9286-4AB7-B6F3-89F06757AFF4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2000}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\SearchScopes\{BB6AA2F5-EF82-4A75-BFEF-357030F1FB54}: "URL" = http://websearch.ask.com/redirect?clien ... DD14218EDD
IE - HKU\S-1-5-21-13920682-1251540043-472326298-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2: C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\TorchVLC: C:\Users\Radek\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Radek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.06.07 18:41:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2014.01.14 18:43:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
[2011.09.19 11:26:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Extensions
[2016.05.11 15:36:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\extensions
[2014.01.14 18:43:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Sunbird\Profiles\9t981bs4.default\extensions
[2016.05.28 11:23:03 | 000,006,303 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\e10srollout@mozilla.org.xpi
[2016.05.28 11:23:04 | 000,686,304 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\firefox@getpocket.com.xpi
[2016.05.28 11:23:05 | 002,043,369 | ---- | M] () (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\fqxs8r1t.default-1462973134106\features\{67181a48-ab2e-4efe-8b1d-b3b03cbe0b5a}\loop@mozilla.org.xpi
[2016.05.11 15:20:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
O1 HOSTS File: ([2016.05.11 15:15:07 | 000,000,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" File not found
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SFAUpdater] C:\Program Files\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-13920682-1251540043-472326298-1000..\Run: [Minecraft] wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Minecraft.vbs ()
F3 - HKU\S-1-5-21-13920682-1251540043-472326298-1000 WinNT: Load - (cmd /c) - C:\Windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-13920682-1251540043-472326298-1000\..Trusted Domains: samsungsetup.com ([www] http in Důvěryhodné weby)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD7B00FB-A18D-4569-A16E-C8CED458A970}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-13920682-1251540043-472326298-1000 Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2015.09.25 21:07:52 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{00b32511-b15e-11e5-a174-50e54920e336}\Shell - "" = AutoRun
O33 - MountPoints2\{00b32511-b15e-11e5-a174-50e54920e336}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{bf512bc3-5d54-11e2-86c2-50e54920e336}\Shell - "" = AutoRun
O33 - MountPoints2\{bf512bc3-5d54-11e2-86c2-50e54920e336}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies app\datamngr\x64\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Program Files\SPlayer\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2016.06.07 18:44:40 | 000,035,096 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2016.06.07 18:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016.06.07 18:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016.06.07 18:42:40 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2016.06.07 18:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016.06.07 18:41:54 | 000,124,808 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2016.06.07 18:41:53 | 000,449,640 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2016.06.07 18:41:53 | 000,221,368 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2016.06.07 18:41:53 | 000,058,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2016.06.07 18:41:52 | 000,091,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2016.06.07 18:41:52 | 000,032,792 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2016.06.07 18:41:51 | 000,091,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2016.06.07 18:41:50 | 000,815,792 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2016.06.07 18:41:30 | 000,334,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016.06.07 18:41:09 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.06.07 18:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2016.06.07 18:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2016.06.07 18:22:12 | 000,000,000 | ---D | C] -- C:\rsit
[2016.06.05 22:01:35 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Local\SquareClock.Production_Home_Siko_Web
[2016.05.11 15:25:40 | 000,000,000 | ---D | C] -- C:\Users\Radek\Desktop\Původní data aplikace Firefox
[2016.05.11 15:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2016.05.11 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\Google
[2016.05.11 15:13:46 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2016.05.11 12:46:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2016.05.11 12:46:33 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2016.05.11 12:46:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2016.05.11 12:46:01 | 002,397,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016.05.11 12:45:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016.05.11 12:45:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016.05.11 12:45:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016.05.11 12:45:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016.05.11 12:45:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016.05.11 12:45:49 | 000,689,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016.05.11 12:45:49 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016.05.11 12:45:49 | 000,346,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016.05.11 12:45:49 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016.05.11 12:45:48 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016.05.11 12:45:48 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016.05.11 12:45:48 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016.05.11 12:45:48 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016.05.11 12:45:48 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016.05.11 12:45:47 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016.05.11 12:45:47 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016.05.11 12:45:46 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016.05.11 12:45:46 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016.05.11 12:45:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016.05.11 12:45:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016.05.11 12:45:44 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016.05.11 12:45:44 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016.05.11 12:45:42 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016.05.11 12:45:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016.05.11 12:45:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016.05.11 12:45:38 | 004,611,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016.05.11 12:45:21 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016.05.11 12:45:20 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016.05.11 12:45:17 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016.05.11 12:45:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016.05.11 12:45:17 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016.05.11 12:45:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016.05.11 12:45:16 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016.05.11 12:45:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016.05.11 12:45:15 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016.05.11 12:45:15 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016.05.11 12:45:15 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016.05.11 12:45:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016.05.11 12:45:15 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016.05.11 12:45:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016.05.11 12:45:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016.05.11 12:45:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016.05.11 12:45:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016.05.11 12:45:04 | 000,218,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2016.05.11 12:45:04 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2016.05.10 20:38:29 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Local\AVAST Software
[2016.05.10 19:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2016.05.09 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\Radek\Desktop\Mobile všešcky
[2015.11.02 22:01:46 | 001,691,304 | ---- | C] (Mozilla Foundation) -- C:\Users\Radek\AppData\Roaming\nss3.dll
[2015.11.02 22:01:46 | 000,970,912 | ---- | C] (Microsoft Corporation) -- C:\Users\Radek\AppData\Roaming\msvcr120.dll
[2015.11.02 22:01:46 | 000,455,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Radek\AppData\Roaming\msvcp120.dll
[2015.11.02 22:00:22 | 000,095,232 | ---- | C] (Spark) -- C:\ProgramData\svhost
[2015.11.02 22:00:14 | 000,095,232 | ---- | C] (Spark) -- C:\Users\Radek\AppData\Roaming\novonj.exe
[2015.11.02 22:00:10 | 000,233,984 | ---- | C] (BernyR) -- C:\Users\Radek\AppData\Roaming\tetro.exe
[2015.11.02 22:00:05 | 000,261,120 | ---- | C] (Gretech Corporation) -- C:\Users\Radek\AppData\Roaming\444.exe
[2015.11.02 22:00:02 | 000,388,608 | ---- | C] (Techland) -- C:\Users\Radek\AppData\Roaming\111 (2).exe
[2015.11.02 21:59:58 | 000,186,880 | ---- | C] (BernyR) -- C:\Users\Radek\AppData\Roaming\1njnoco.exe
[2013.02.24 19:48:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016.06.07 21:48:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.06.07 21:48:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016.06.07 21:16:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.06.07 19:02:36 | 000,668,542 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.06.07 19:02:36 | 000,653,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.06.07 19:02:36 | 000,141,202 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.06.07 19:02:36 | 000,121,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:47:31 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016.06.07 18:46:47 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2016.06.07 18:43:00 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.06.07 18:42:27 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2016.06.07 18:41:09 | 000,334,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016.06.07 18:41:09 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2016.06.07 18:37:13 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016.06.07 18:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.06.07 18:37:02 | 2589,270,016 | -HS- | M] () -- C:\hiberfil.sys
[2016.06.07 18:22:05 | 001,107,968 | ---- | M] () -- C:\Users\Radek\Desktop\RSIT.exe
[2016.06.05 22:02:13 | 000,002,194 | ---- | M] () -- C:\Users\Radek\Desktop\Siko Web Kitchen Planner.lnk
[2016.06.05 11:46:40 | 000,134,589 | ---- | M] () -- C:\Users\Radek\Desktop\půdorys frýša.jpg
[2016.06.05 11:46:05 | 000,091,204 | ---- | M] () -- C:\Users\Radek\Desktop\kuchyn frýša.jpg
[2016.06.05 11:45:46 | 000,001,000 | --S- | M] () -- C:\Users\Public\Documents\mssystem.cfg
[2016.05.11 15:21:01 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.05.11 15:09:40 | 000,300,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016.06.07 21:48:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.06.07 18:47:31 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[2016.06.07 18:47:31 | 000,001,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[2016.06.07 18:46:47 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016.06.07 18:46:47 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.06.07 18:43:00 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.06.07 18:42:27 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2016.06.07 18:22:02 | 001,107,968 | ---- | C] () -- C:\Users\Radek\Desktop\RSIT.exe
[2016.06.05 22:02:13 | 000,002,194 | ---- | C] () -- C:\Users\Radek\Desktop\Siko Web Kitchen Planner.lnk
[2016.06.05 11:46:40 | 000,134,589 | ---- | C] () -- C:\Users\Radek\Desktop\půdorys frýša.jpg
[2016.06.05 11:46:05 | 000,091,204 | ---- | C] () -- C:\Users\Radek\Desktop\kuchyn frýša.jpg
[2016.05.11 15:21:01 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016.05.11 15:21:01 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.03.29 20:31:02 | 000,116,837 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\Minecraft.vbs
[2016.01.23 11:07:45 | 000,005,389 | ---- | C] () -- C:\Users\Radek\AppData\Local\recently-used.xbel
[2016.01.11 08:26:55 | 000,300,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.11.21 14:14:45 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014.12.17 10:56:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014.12.17 10:54:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014.07.18 23:15:38 | 000,018,280 | ---- | C] () -- C:\Windows\System32\roboot.exe
[2014.03.08 11:57:01 | 000,005,319 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\froggy_scorebox
[2014.03.08 11:57:01 | 000,000,906 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pl_accounts.pl_acc
[2014.03.08 11:57:01 | 000,000,556 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\Troll.options
[2014.01.21 23:01:03 | 000,021,504 | ---- | C] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.24 19:48:24 | 000,087,608 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2013.02.24 19:48:24 | 000,007,887 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2013.02.24 19:48:24 | 000,001,144 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2012.10.19 13:25:59 | 000,000,126 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\default.pls
[2011.09.19 12:06:00 | 000,001,024 | ---- | C] () -- C:\Users\Radek\.rnd
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
========== LOP Check ==========
[2016.06.06 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.minecraft
[2014.12.17 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.mono
[2014.02.22 10:29:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Alawar
[2014.01.22 20:17:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2016.06.07 18:42:40 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2014.01.22 23:27:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\avidemux
[2014.09.03 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\CLiPW
[2013.02.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Coolbox
[2016.01.10 19:41:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2015.11.02 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dclogs
[2013.02.24 20:34:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Digiarty
[2012.10.27 11:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Exec
[2014.09.06 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FirefoxToolbar
[2016.01.31 17:03:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FreeMoviesToDVD
[2014.02.21 10:53:56 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Friday's games
[2014.02.03 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Gaijin Ent
[2011.09.19 11:57:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\GHISLER
[2014.12.26 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImperiaOnline
[2014.07.18 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\inkscape
[2013.01.01 22:22:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\IrfanView
[2014.02.21 10:48:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Land Of Runes
[2013.02.24 20:06:55 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Leawo
[2012.11.02 20:33:51 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\LibreOffice
[2012.12.01 18:59:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Marine Aquarium Lite
[2015.11.27 12:47:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Maxthon3
[2014.09.03 16:07:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Freeware
[2016.02.24 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2015.11.16 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\OpenOffice
[2014.07.18 22:15:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Opera Software
[2012.10.20 17:53:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Rovio
[2016.01.02 17:57:33 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\RPEng
[2014.07.22 10:29:27 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Settings Manager
[2016.06.07 18:43:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Seznam.cz
[2013.01.06 13:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SPlayer
[2014.08.24 20:54:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\stickies
[2015.10.05 17:22:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Summitsoft
[2014.07.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\systweak
[2016.05.11 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2013.02.24 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\tiger-k
[2014.11.28 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Unity
[2013.02.24 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\VobSub
[2013.02.24 19:48:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2014.07.27 10:42:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\wargaming.net
[2016.02.26 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Windows Live Writer
[2014.01.18 16:54:03 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,520 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.10.22 12:14:52 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.22 12:38:15 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.22 12:38:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\explorer.exe
[2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.19135_none_53a73c47d80e17a9\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2016.01.22 08:07:00 | 002,973,696 | ---- | M] (Microsoft Corporation) MD5=CEA6C2000AEC6CAF3CD6F3F73848E40A -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23338_none_5433dbd6f129009f\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 05:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2014.12.18 23:18:52 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2014.12.18 23:18:52 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014.07.16 04:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\348fa23db5676581511d3bd9823857c3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\348fa23db5676581511d3bd9823857c3\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2016.06.06 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.minecraft
[2014.12.17 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.mono
[2012.12.16 20:45:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Adobe
[2014.02.22 10:29:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Alawar
[2014.01.22 20:17:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2016.06.07 18:42:40 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2014.01.22 23:27:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\avidemux
[2014.09.03 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\CLiPW
[2013.02.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Coolbox
[2012.12.21 11:33:17 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Corel
[2016.01.10 19:41:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2015.11.02 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dclogs
[2013.02.24 20:34:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Digiarty
[2013.02.25 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dvdcss
[2012.10.27 11:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Exec
[2014.09.06 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FirefoxToolbar
[2016.01.31 17:03:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FreeMoviesToDVD
[2014.02.21 10:53:56 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Friday's games
[2014.02.03 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Gaijin Ent
[2011.09.19 11:57:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\GHISLER
[2016.05.11 15:16:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Google
[2011.09.19 10:45:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Identities
[2014.12.26 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImperiaOnline
[2014.07.18 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\inkscape
[2013.01.01 22:22:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\IrfanView
[2014.02.21 10:48:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Land Of Runes
[2013.02.24 20:06:55 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Leawo
[2012.11.02 20:33:51 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\LibreOffice
[2012.10.19 12:17:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Macromedia
[2012.12.01 18:59:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Marine Aquarium Lite
[2015.11.27 12:47:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Maxthon3
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Center Programs
[2014.09.03 16:07:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Freeware
[2015.11.16 21:01:09 | 000,000,000 | --SD | M] -- C:\Users\Radek\AppData\Roaming\Microsoft
[2016.01.11 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Mozilla
[2016.02.24 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2014.09.04 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\NCH Software
[2012.12.22 13:29:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nero
[2015.11.16 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\OpenOffice
[2014.07.18 22:15:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Opera Software
[2012.10.20 17:53:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Rovio
[2016.01.02 17:57:33 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\RPEng
[2014.07.22 10:29:27 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Settings Manager
[2016.06.07 18:43:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Seznam.cz
[2013.01.06 13:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SPlayer
[2014.08.24 20:54:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\stickies
[2015.10.05 17:22:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Summitsoft
[2016.03.29 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sun
[2014.07.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\systweak
[2014.01.14 18:43:18 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Talkback
[2016.05.11 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2013.02.24 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\tiger-k
[2014.11.28 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Unity
[2016.06.01 07:18:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\vlc
[2013.02.24 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\VobSub
[2013.02.24 19:48:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2014.07.27 10:42:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\wargaming.net
[2016.02.26 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Windows Live Writer
[2012.10.20 17:53:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\WinRAR
[2014.01.18 16:54:03 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2015.11.02 22:00:06 | 000,388,608 | ---- | M] (Techland) -- C:\Users\Radek\AppData\Roaming\111 (2).exe
[2015.11.02 22:00:00 | 000,186,880 | ---- | M] (BernyR) -- C:\Users\Radek\AppData\Roaming\1njnoco.exe
[2015.11.02 22:00:08 | 000,261,120 | ---- | M] (Gretech Corporation) -- C:\Users\Radek\AppData\Roaming\444.exe
[2013.02.24 19:48:24 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2015.11.02 22:00:15 | 000,095,232 | ---- | M] (Spark) -- C:\Users\Radek\AppData\Roaming\novonj.exe
[2015.11.02 22:00:13 | 000,233,984 | ---- | M] (BernyR) -- C:\Users\Radek\AppData\Roaming\tetro.exe
[2015.05.08 14:50:52 | 001,799,448 | ---- | M] (Maxthon International ltd.) -- C:\Users\Radek\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
[2014.02.16 12:02:36 | 000,071,894 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2012.12.21 11:32:51 | 000,010,134 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2012.12.21 11:32:51 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2007.11.27 09:41:32 | 000,405,504 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
[2016.01.02 17:58:07 | 002,970,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Radek\AppData\Roaming\RPEng\17F423F4104F4BF780CD6E6E313200CD\AVG_PCTuneUp_1314.exe
[2016.01.02 17:57:37 | 000,201,880 | ---- | M] (Install helper Team) -- C:\Users\Radek\AppData\Roaming\RPEng\17F423F4104F4BF780CD6E6E313200CD\dhe986.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2014.07.16 18:58:20 | 000,645,400 | ---- | M] (Systweak Software ) -- C:\Users\Radek\AppData\Roaming\systweak\ssd\SSDPTstub.exe
[2002.12.11 10:20:18 | 000,061,440 | ---- | M] (Gabest) -- C:\Users\Radek\AppData\Roaming\VobSub\submux.exe
[2002.12.11 10:20:40 | 000,098,304 | ---- | M] (Gabest) -- C:\Users\Radek\AppData\Roaming\VobSub\subresync.exe
[2013.02.24 20:12:36 | 000,059,134 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\VobSub\Uninstall VobSub.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2016.06.07 22:16:09 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.06.07 18:37:13 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.06.07 21:48:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswHwid.sys
[2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswKbd.sys
[2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys
[2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr2.sys
[2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRvrt.sys
[2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys
[2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys
[2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswStm.sys
[2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswVmm.sys
< %systemroot%\system32\*.* /3 >
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:41:09 | 000,334,280 | ---- | M] (AVAST Software) -- C:\Windows\system32\aswBoot.exe
[2016.06.07 18:17:02 | 000,014,439 | ---- | M] () -- C:\Windows\system32\debug.log
[2016.06.07 19:02:36 | 000,141,202 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2016.06.07 19:02:36 | 000,121,802 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016.06.07 19:02:36 | 000,668,542 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2016.06.07 19:02:36 | 000,653,930 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016.06.07 19:02:36 | 001,583,226 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cz.seznam.software.autoupdate" = "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2015.05.26 13:38:44 | 000,103,080 | ---- | M] ()
"Minecraft" = wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" -- [2013.10.12 03:15:48 | 000,141,824 | ---- | M] (Microsoft Corporation)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR -- [2016.05.13 19:43:00 | 006,690,008 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2016.05.03 05:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) MD5=7DF8845A1CF92C227E81DBBC6F6434DF -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.04.23 18:24:50 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=455FBE995E8E809DA3EBB78C447202D9 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.06.04 03:57:01 | 000,941,720 | ---- | M] (Google Inc.) MD5=6CF0ACD321C93EB978C4908DEB79B7FB -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.06.07 21:48:04 | 000,000,512 | ---- | M] () MD5=6E779F0A09A3A03A222301654126B2C9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.08.26 23:07:28 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2010.07.05 13:30:50 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2016.02.29 19:59:17 | 000,010,323 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\app_loader\loader.pyc
[2016.02.29 19:59:17 | 000,001,518 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2016.02.29 19:59:17 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2016.02.29 19:59:17 | 000,007,493 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2016.02.29 19:59:17 | 000,004,097 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2016.02.29 19:59:17 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2016.02.29 19:59:17 | 000,001,519 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2016.02.29 19:59:17 | 000,006,194 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2016.02.29 19:59:17 | 000,011,861 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\remotedatadownloader.pyc
[2016.02.29 19:59:17 | 000,003,419 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2016.02.29 19:59:17 | 000,011,716 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2015.12.09 22:42:18 | 000,011,336 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.12.09 22:42:18 | 000,049,402 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\test\test_loader.pyc
[2015.06.24 12:59:50 | 000,034,951 | ---- | M] () -- \Games\World_of_Warships\res\gui\flash\sfm_loader.swf
[2015.07.11 08:31:33 | 000,010,364 | ---- | M] () -- \Games\World_of_Warships\res\scripts\client\SFM\core\SFMTreeLoader.pyc
[2015.07.11 08:31:34 | 000,013,348 | ---- | M] () -- \Games\World_of_Warships\res\scripts\common\Lib\unittest\loader.pyc
[2015.07.11 08:31:34 | 000,029,728 | ---- | M] () -- \Games\World_of_Warships\res\scripts\common\Lib\unittest\test\test_loader.pyc
[2016.06.07 18:41:08 | 000,087,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2016.06.07 18:41:06 | 000,060,128 | ---- | M] () -- \Program Files\AVAST Software\Avast\ie_loader.exe
[2016.06.07 18:41:09 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.15 14:52:55 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\1.48.2066.101\resources\bundled_extensions\video-downloader.crx
[2016.04.15 14:52:55 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2014.10.14 12:01:44 | 000,382,464 | ---- | M] () -- \Program Files\Fotolab\Fotolab Fotosvet\CWImageLoader0.dll
[2011.03.08 10:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2014.10.30 12:03:48 | 000,001,682 | ---- | M] () -- \Program Files\HF Designer\Loader.elf
[2014.10.30 12:03:48 | 001,083,968 | ---- | M] () -- \Program Files\HF Designer\Loader.exe
[2016.05.17 16:39:54 | 000,001,087 | ---- | M] () -- \Program Files\Intel Security\True Key\Application\data\scripts\cs-loader.js
[2011.03.15 23:49:50 | 000,006,263 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.py
[2011.09.19 11:48:07 | 000,020,992 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.uno.dll
[2011.03.16 07:12:38 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.uno.ini
[2011.03.15 21:50:14 | 000,066,250 | ---- | M] () -- \Program Files\LibreOffice 3\share\extensions\report-builder\libloader-1.0.0.jar
[2011.09.19 11:48:10 | 000,030,208 | ---- | M] () -- \Program Files\LibreOffice 3\URE\bin\javaloader.uno.dll
[2011.03.15 21:35:58 | 000,003,873 | ---- | M] () -- \Program Files\LibreOffice 3\URE\java\unoloader.jar
[2014.07.09 08:52:06 | 000,006,820 | ---- | M] () -- \Program Files\Movies App\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ajax-loader.gif
[2015.02.18 17:27:02 | 000,031,516 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.08.03 11:44:14 | 000,001,702 | ---- | M] () -- \Program Files\Sony Mobile\Update Engine\licenses\loaderbinarylegal.txt
[2013.03.05 11:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSPluginLoader.exe
[2013.03.05 14:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 13:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPluginLoader.exe
[2013.12.13 17:35:50 | 000,103,936 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\8bfLoader.exe
[2013.12.13 17:35:58 | 000,018,944 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\WICLoader.exe
[2016.05.10 13:27:26 | 000,006,673 | ---- | M] () -- \Users\Radek\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh\1.13.642_0\js\www\util\pub\pre_loader.js
[2014.02.16 12:02:36 | 000,071,894 | R--- | M] () -- \Users\Radek\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader-x64.dll
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader.dll
[2015.11.16 21:00:09 | 000,000,164 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.02.18 17:27:02 | 000,031,516 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2014.12.17 14:43:49 | 000,000,073 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\data_2eultimate_2ddisassembly_2ecom\prefloader2_5ffacebook_5f208a9_2eunity3d.upp
[2015.06.26 12:21:09 | 000,000,077 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\data_2eultimate_2ddisassembly_2ecom\prefloader2_5ffacebook_5f208o7_2eunity3d.upp
[2015.02.20 21:28:03 | 000,000,564 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\z6g7t5i5_2essl_2ehwcdn_2enet\prefrc2_2e7-redcrucible_5floader_2eunity3d.upp
[2012.05.22 16:24:08 | 854,573,984 | ---- | M] () -- \Users\Radek\Desktop\DDDDDDDDDDDDDDDDDDDDDDDDDDDD\Prerusene-ticho-2012.TVRip.cz.by.Salud.of.PowerUploaders.avi
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.10.19 12:26:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 13:04:40 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016.05.11 12:51:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a.manifest
[2016.05.11 12:51:37 | 000,034,536 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a_winload.exe.mui_3bc5b827
[2016.05.11 12:51:37 | 000,030,440 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a_winresume.exe.mui_ff8b5358
[2016.05.11 12:51:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2016.05.11 12:51:37 | 000,534,816 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d_winload.exe_75835076
[2016.05.11 12:51:38 | 000,470,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.13 20:56:34 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.02.03 05:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2015.08.04 20:15:30 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_351a888d5b6fabc5.manifest
[2015.10.01 20:23:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_353bd0bd5b56a48b.manifest
[2014.12.13 03:50:10 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_35e2355e745d8d6b.manifest
[2015.01.13 00:09:15 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_35c59380747413ec.manifest
[2015.01.16 08:24:33 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_35c794147472469a.manifest
[2015.01.27 06:12:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_35b1f43c74827e7c.manifest
[2015.02.03 06:04:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_35b6f5ae747dfd2f.manifest
[2015.03.17 07:30:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_35dc0bc4746328a3.manifest
[2015.04.27 21:41:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_35aecb80748565b9.manifest
[2015.05.25 20:50:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_35905c50749bec3a.manifest
[2015.07.15 05:32:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_35ca6efa746fc308.manifest
[2015.07.15 20:44:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_35bf9f0e7477def9.manifest
[2015.07.23 03:24:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_35b0cdfa7483958e.manifest
[2015.08.04 20:38:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_cs-cz_35a6fe58748acad6.manifest
[2015.09.28 22:45:05 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23223_cs-cz_35c770027472742a.manifest
[2015.10.01 20:14:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_cs-cz_35ca70e0746fc02f.manifest
[2015.10.20 03:19:05 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_cs-cz_35a3ff60748d7bf8.manifest
[2015.12.30 21:30:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_cs-cz_35d241d4746a5560.manifest
[2016.01.17 02:54:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_cs-cz_35bda2467479a699.manifest
[2016.01.22 08:42:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_35c1a36e74760bf5.manifest
[2016.02.10 21:03:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_cs-cz_35b7d3cc747d413d.manifest
[2016.03.16 21:09:18 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_cs-cz_3579c1e074ad023a.manifest
[2016.03.18 01:01:03 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_cs-cz_357ac22a74ac1b91.manifest
[2016.04.09 09:21:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.02.03 05:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.08.04 20:12:04 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_5cfed415cb0d11f8.manifest
[2015.10.01 20:21:33 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2014.12.12 08:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015.01.12 05:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 08:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.01.27 05:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015.02.03 05:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 07:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.04.27 21:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015.05.25 20:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015.07.15 05:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 20:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015.07.23 02:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2015.08.04 20:18:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_5d8b49e0e4283109.manifest
[2015.09.28 22:46:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23223_none_5dabbb8ae40fda5d.manifest
[2015.10.01 20:05:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_5daebc68e40d2662.manifest
[2015.10.20 03:15:07 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23250_none_5d884ae8e42ae22b.manifest
[2015.12.30 21:23:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_5db68d5ce407bb93.manifest
[2016.01.17 02:43:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23334_none_5da1edcee4170ccc.manifest
[2016.01.22 08:39:54 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_5da5eef6e4137228.manifest
[2016.02.10 21:17:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23349_none_5d9c1f54e41aa770.manifest
[2016.03.16 21:02:45 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_5d5e0d68e44a686d.manifest
[2016.03.18 00:51:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_5d5f0db2e44981c4.manifest
[2016.04.09 09:16:41 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2016.06.07 18:41:33 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 20:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 02:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 20:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:35A1F1D2
< End of report >
[2016.06.06 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.minecraft
[2014.12.17 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.mono
[2014.02.22 10:29:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Alawar
[2014.01.22 20:17:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2016.06.07 18:42:40 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2014.01.22 23:27:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\avidemux
[2014.09.03 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\CLiPW
[2013.02.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Coolbox
[2016.01.10 19:41:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2015.11.02 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dclogs
[2013.02.24 20:34:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Digiarty
[2012.10.27 11:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Exec
[2014.09.06 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FirefoxToolbar
[2016.01.31 17:03:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FreeMoviesToDVD
[2014.02.21 10:53:56 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Friday's games
[2014.02.03 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Gaijin Ent
[2011.09.19 11:57:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\GHISLER
[2014.12.26 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImperiaOnline
[2014.07.18 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\inkscape
[2013.01.01 22:22:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\IrfanView
[2014.02.21 10:48:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Land Of Runes
[2013.02.24 20:06:55 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Leawo
[2012.11.02 20:33:51 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\LibreOffice
[2012.12.01 18:59:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Marine Aquarium Lite
[2015.11.27 12:47:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Maxthon3
[2014.09.03 16:07:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Freeware
[2016.02.24 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2015.11.16 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\OpenOffice
[2014.07.18 22:15:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Opera Software
[2012.10.20 17:53:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Rovio
[2016.01.02 17:57:33 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\RPEng
[2014.07.22 10:29:27 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Settings Manager
[2016.06.07 18:43:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Seznam.cz
[2013.01.06 13:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SPlayer
[2014.08.24 20:54:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\stickies
[2015.10.05 17:22:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Summitsoft
[2014.07.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\systweak
[2016.05.11 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2013.02.24 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\tiger-k
[2014.11.28 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Unity
[2013.02.24 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\VobSub
[2013.02.24 19:48:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2014.07.27 10:42:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\wargaming.net
[2016.02.26 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Windows Live Writer
[2014.01.18 16:54:03 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:53:46 | 000,032,520 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.10.22 12:14:52 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.22 12:38:15 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.22 12:38:16 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\explorer.exe
[2016.01.22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=2A156D5EBF221EF2A6AE7CE452324DAC -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.19135_none_53a73c47d80e17a9\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2016.01.22 08:07:00 | 002,973,696 | ---- | M] (Microsoft Corporation) MD5=CEA6C2000AEC6CAF3CD6F3F73848E40A -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23338_none_5433dbd6f129009f\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 05:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2014.12.18 23:18:52 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2014.12.18 23:18:52 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014.07.16 04:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\348fa23db5676581511d3bd9823857c3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\348fa23db5676581511d3bd9823857c3\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2016.06.06 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.minecraft
[2014.12.17 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\.mono
[2012.12.16 20:45:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Adobe
[2014.02.22 10:29:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Alawar
[2014.01.22 20:17:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2016.06.07 18:42:40 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\AVAST Software
[2014.01.22 23:27:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\avidemux
[2014.09.03 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\CLiPW
[2013.02.24 20:20:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Coolbox
[2012.12.21 11:33:17 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Corel
[2016.01.10 19:41:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2015.11.02 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dclogs
[2013.02.24 20:34:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Digiarty
[2013.02.25 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\dvdcss
[2012.10.27 11:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Exec
[2014.09.06 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FirefoxToolbar
[2016.01.31 17:03:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FreeMoviesToDVD
[2014.02.21 10:53:56 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Friday's games
[2014.02.03 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Gaijin Ent
[2011.09.19 11:57:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\GHISLER
[2016.05.11 15:16:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Google
[2011.09.19 10:45:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Identities
[2014.12.26 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImperiaOnline
[2014.07.18 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\inkscape
[2013.01.01 22:22:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\IrfanView
[2014.02.21 10:48:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Land Of Runes
[2013.02.24 20:06:55 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Leawo
[2012.11.02 20:33:51 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\LibreOffice
[2012.10.19 12:17:10 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Macromedia
[2012.12.01 18:59:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Marine Aquarium Lite
[2015.11.27 12:47:35 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Maxthon3
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Center Programs
[2014.09.03 16:07:39 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Freeware
[2015.11.16 21:01:09 | 000,000,000 | --SD | M] -- C:\Users\Radek\AppData\Roaming\Microsoft
[2016.01.11 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Mozilla
[2016.02.24 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2014.09.04 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\NCH Software
[2012.12.22 13:29:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nero
[2015.11.16 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\OpenOffice
[2014.07.18 22:15:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Opera Software
[2012.10.20 17:53:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Rovio
[2016.01.02 17:57:33 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\RPEng
[2014.07.22 10:29:27 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Settings Manager
[2016.06.07 18:43:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Seznam.cz
[2013.01.06 13:32:11 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SPlayer
[2014.08.24 20:54:52 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\stickies
[2015.10.05 17:22:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Summitsoft
[2016.03.29 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sun
[2014.07.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\systweak
[2014.01.14 18:43:18 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Talkback
[2016.05.11 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\TeamViewer
[2013.02.24 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\tiger-k
[2014.11.28 21:12:32 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Unity
[2016.06.01 07:18:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\vlc
[2013.02.24 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\VobSub
[2013.02.24 19:48:24 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2014.07.27 10:42:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\wargaming.net
[2016.02.26 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Windows Live Writer
[2012.10.20 17:53:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\WinRAR
[2014.01.18 16:54:03 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2015.11.02 22:00:06 | 000,388,608 | ---- | M] (Techland) -- C:\Users\Radek\AppData\Roaming\111 (2).exe
[2015.11.02 22:00:00 | 000,186,880 | ---- | M] (BernyR) -- C:\Users\Radek\AppData\Roaming\1njnoco.exe
[2015.11.02 22:00:08 | 000,261,120 | ---- | M] (Gretech Corporation) -- C:\Users\Radek\AppData\Roaming\444.exe
[2013.02.24 19:48:24 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2015.11.02 22:00:15 | 000,095,232 | ---- | M] (Spark) -- C:\Users\Radek\AppData\Roaming\novonj.exe
[2015.11.02 22:00:13 | 000,233,984 | ---- | M] (BernyR) -- C:\Users\Radek\AppData\Roaming\tetro.exe
[2015.05.08 14:50:52 | 001,799,448 | ---- | M] (Maxthon International ltd.) -- C:\Users\Radek\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
[2014.02.16 12:02:36 | 000,071,894 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2012.12.21 11:32:51 | 000,010,134 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2012.12.21 11:32:51 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2007.11.27 09:41:32 | 000,405,504 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
[2016.01.02 17:58:07 | 002,970,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Radek\AppData\Roaming\RPEng\17F423F4104F4BF780CD6E6E313200CD\AVG_PCTuneUp_1314.exe
[2016.01.02 17:57:37 | 000,201,880 | ---- | M] (Install helper Team) -- C:\Users\Radek\AppData\Roaming\RPEng\17F423F4104F4BF780CD6E6E313200CD\dhe986.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2014.07.16 18:58:20 | 000,645,400 | ---- | M] (Systweak Software ) -- C:\Users\Radek\AppData\Roaming\systweak\ssd\SSDPTstub.exe
[2002.12.11 10:20:18 | 000,061,440 | ---- | M] (Gabest) -- C:\Users\Radek\AppData\Roaming\VobSub\submux.exe
[2002.12.11 10:20:40 | 000,098,304 | ---- | M] (Gabest) -- C:\Users\Radek\AppData\Roaming\VobSub\subresync.exe
[2013.02.24 20:12:36 | 000,059,134 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\VobSub\Uninstall VobSub.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2016.06.07 22:16:09 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016.06.07 18:37:13 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016.06.07 21:48:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2016.06.07 18:41:12 | 000,032,792 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswHwid.sys
[2016.06.07 18:44:39 | 000,035,096 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswKbd.sys
[2016.06.07 18:41:12 | 000,091,168 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys
[2016.06.07 18:41:12 | 000,091,232 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr2.sys
[2016.06.07 18:41:12 | 000,058,776 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRvrt.sys
[2016.06.07 18:41:07 | 000,815,792 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys
[2016.06.07 18:41:12 | 000,449,640 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys
[2016.06.07 18:41:12 | 000,124,808 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswStm.sys
[2016.06.07 18:41:12 | 000,221,368 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswVmm.sys
< %systemroot%\system32\*.* /3 >
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:55:58 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.06.07 18:41:09 | 000,334,280 | ---- | M] (AVAST Software) -- C:\Windows\system32\aswBoot.exe
[2016.06.07 18:17:02 | 000,014,439 | ---- | M] () -- C:\Windows\system32\debug.log
[2016.06.07 19:02:36 | 000,141,202 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2016.06.07 19:02:36 | 000,121,802 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016.06.07 19:02:36 | 000,668,542 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2016.06.07 19:02:36 | 000,653,930 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016.06.07 19:02:36 | 001,583,226 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cz.seznam.software.autoupdate" = "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2015.05.26 13:38:44 | 000,103,080 | ---- | M] ()
"Minecraft" = wscript.exe //B "C:\Users\Radek\AppData\Roaming\Minecraft.vbs" -- [2013.10.12 03:15:48 | 000,141,824 | ---- | M] (Microsoft Corporation)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR -- [2016.05.13 19:43:00 | 006,690,008 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2016.05.03 05:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) MD5=7DF8845A1CF92C227E81DBBC6F6434DF -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.04.23 18:24:50 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=455FBE995E8E809DA3EBB78C447202D9 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016.06.04 03:57:01 | 000,941,720 | ---- | M] (Google Inc.) MD5=6CF0ACD321C93EB978C4908DEB79B7FB -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016.06.07 21:48:04 | 000,000,512 | ---- | M] () MD5=6E779F0A09A3A03A222301654126B2C9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2014.08.26 23:07:28 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2010.07.05 13:30:50 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2016.02.29 19:59:17 | 000,010,323 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\app_loader\loader.pyc
[2016.02.29 19:59:17 | 000,001,518 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2016.02.29 19:59:17 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2016.02.29 19:59:17 | 000,007,493 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2016.02.29 19:59:17 | 000,004,097 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2016.02.29 19:59:17 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2016.02.29 19:59:17 | 000,001,519 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2016.02.29 19:59:17 | 000,006,194 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2016.02.29 19:59:17 | 000,011,861 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\remotedatadownloader.pyc
[2016.02.29 19:59:17 | 000,003,419 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2016.02.29 19:59:17 | 000,011,716 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2015.12.09 22:42:18 | 000,011,336 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.12.09 22:42:18 | 000,049,402 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\test\test_loader.pyc
[2015.06.24 12:59:50 | 000,034,951 | ---- | M] () -- \Games\World_of_Warships\res\gui\flash\sfm_loader.swf
[2015.07.11 08:31:33 | 000,010,364 | ---- | M] () -- \Games\World_of_Warships\res\scripts\client\SFM\core\SFMTreeLoader.pyc
[2015.07.11 08:31:34 | 000,013,348 | ---- | M] () -- \Games\World_of_Warships\res\scripts\common\Lib\unittest\loader.pyc
[2015.07.11 08:31:34 | 000,029,728 | ---- | M] () -- \Games\World_of_Warships\res\scripts\common\Lib\unittest\test\test_loader.pyc
[2016.06.07 18:41:08 | 000,087,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2016.06.07 18:41:06 | 000,060,128 | ---- | M] () -- \Program Files\AVAST Software\Avast\ie_loader.exe
[2016.06.07 18:41:09 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.15 14:52:55 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\1.48.2066.101\resources\bundled_extensions\video-downloader.crx
[2016.04.15 14:52:55 | 001,755,262 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2014.10.14 12:01:44 | 000,382,464 | ---- | M] () -- \Program Files\Fotolab\Fotolab Fotosvet\CWImageLoader0.dll
[2011.03.08 10:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2014.10.30 12:03:48 | 000,001,682 | ---- | M] () -- \Program Files\HF Designer\Loader.elf
[2014.10.30 12:03:48 | 001,083,968 | ---- | M] () -- \Program Files\HF Designer\Loader.exe
[2016.05.17 16:39:54 | 000,001,087 | ---- | M] () -- \Program Files\Intel Security\True Key\Application\data\scripts\cs-loader.js
[2011.03.15 23:49:50 | 000,006,263 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.py
[2011.09.19 11:48:07 | 000,020,992 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.uno.dll
[2011.03.16 07:12:38 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 3\Basis\program\pythonloader.uno.ini
[2011.03.15 21:50:14 | 000,066,250 | ---- | M] () -- \Program Files\LibreOffice 3\share\extensions\report-builder\libloader-1.0.0.jar
[2011.09.19 11:48:10 | 000,030,208 | ---- | M] () -- \Program Files\LibreOffice 3\URE\bin\javaloader.uno.dll
[2011.03.15 21:35:58 | 000,003,873 | ---- | M] () -- \Program Files\LibreOffice 3\URE\java\unoloader.jar
[2014.07.09 08:52:06 | 000,006,820 | ---- | M] () -- \Program Files\Movies App\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\images\ajax-loader.gif
[2015.02.18 17:27:02 | 000,031,516 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.08.03 11:44:14 | 000,001,702 | ---- | M] () -- \Program Files\Sony Mobile\Update Engine\licenses\loaderbinarylegal.txt
[2013.03.05 11:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSPluginLoader.exe
[2013.03.05 14:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 13:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPluginLoader.exe
[2013.12.13 17:35:50 | 000,103,936 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\8bfLoader.exe
[2013.12.13 17:35:58 | 000,018,944 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\WICLoader.exe
[2016.05.10 13:27:26 | 000,006,673 | ---- | M] () -- \Users\Radek\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh\1.13.642_0\js\www\util\pub\pre_loader.js
[2014.02.16 12:02:36 | 000,071,894 | R--- | M] () -- \Users\Radek\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader-x64.dll
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\bin\9984libfoxloader.dll
[2015.11.16 21:00:09 | 000,000,164 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.02.18 17:27:02 | 000,031,516 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\Radek\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2014.12.17 14:43:49 | 000,000,073 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\data_2eultimate_2ddisassembly_2ecom\prefloader2_5ffacebook_5f208a9_2eunity3d.upp
[2015.06.26 12:21:09 | 000,000,077 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\data_2eultimate_2ddisassembly_2ecom\prefloader2_5ffacebook_5f208o7_2eunity3d.upp
[2015.02.20 21:28:03 | 000,000,564 | ---- | M] () -- \Users\Radek\AppData\Roaming\Unity\WebPlayerPrefs\z6g7t5i5_2essl_2ehwcdn_2enet\prefrc2_2e7-redcrucible_5floader_2eunity3d.upp
[2012.05.22 16:24:08 | 854,573,984 | ---- | M] () -- \Users\Radek\Desktop\DDDDDDDDDDDDDDDDDDDDDDDDDDDD\Prerusene-ticho-2012.TVRip.cz.by.Salud.of.PowerUploaders.avi
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.10.19 12:26:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 13:04:40 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016.05.11 12:51:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a.manifest
[2016.05.11 12:51:37 | 000,034,536 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a_winload.exe.mui_3bc5b827
[2016.05.11 12:51:37 | 000,030,440 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a_winresume.exe.mui_ff8b5358
[2016.05.11 12:51:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2016.05.11 12:51:37 | 000,534,816 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d_winload.exe_75835076
[2016.05.11 12:51:38 | 000,470,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.13 20:56:34 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.02.03 05:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2015.08.04 20:15:30 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_cs-cz_351a888d5b6fabc5.manifest
[2015.10.01 20:23:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_353bd0bd5b56a48b.manifest
[2014.12.13 03:50:10 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_35e2355e745d8d6b.manifest
[2015.01.13 00:09:15 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_35c59380747413ec.manifest
[2015.01.16 08:24:33 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_35c794147472469a.manifest
[2015.01.27 06:12:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_35b1f43c74827e7c.manifest
[2015.02.03 06:04:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_35b6f5ae747dfd2f.manifest
[2015.03.17 07:30:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_35dc0bc4746328a3.manifest
[2015.04.27 21:41:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_35aecb80748565b9.manifest
[2015.05.25 20:50:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_35905c50749bec3a.manifest
[2015.07.15 05:32:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_35ca6efa746fc308.manifest
[2015.07.15 20:44:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_35bf9f0e7477def9.manifest
[2015.07.23 03:24:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_35b0cdfa7483958e.manifest
[2015.08.04 20:38:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_cs-cz_35a6fe58748acad6.manifest
[2015.09.28 22:45:05 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23223_cs-cz_35c770027472742a.manifest
[2015.10.01 20:14:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_cs-cz_35ca70e0746fc02f.manifest
[2015.10.20 03:19:05 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_cs-cz_35a3ff60748d7bf8.manifest
[2015.12.30 21:30:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_cs-cz_35d241d4746a5560.manifest
[2016.01.17 02:54:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_cs-cz_35bda2467479a699.manifest
[2016.01.22 08:42:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_35c1a36e74760bf5.manifest
[2016.02.10 21:03:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_cs-cz_35b7d3cc747d413d.manifest
[2016.03.16 21:09:18 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_cs-cz_3579c1e074ad023a.manifest
[2016.03.18 01:01:03 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_cs-cz_357ac22a74ac1b91.manifest
[2016.04.09 09:21:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.02.03 05:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.08.04 20:12:04 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_5cfed415cb0d11f8.manifest
[2015.10.01 20:21:33 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2014.12.12 08:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015.01.12 05:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 08:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.01.27 05:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015.02.03 05:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 07:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.04.27 21:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015.05.25 20:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015.07.15 05:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 20:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015.07.23 02:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2015.08.04 20:18:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_5d8b49e0e4283109.manifest
[2015.09.28 22:46:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23223_none_5dabbb8ae40fda5d.manifest
[2015.10.01 20:05:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_5daebc68e40d2662.manifest
[2015.10.20 03:15:07 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23250_none_5d884ae8e42ae22b.manifest
[2015.12.30 21:23:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_5db68d5ce407bb93.manifest
[2016.01.17 02:43:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23334_none_5da1edcee4170ccc.manifest
[2016.01.22 08:39:54 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_5da5eef6e4137228.manifest
[2016.02.10 21:17:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23349_none_5d9c1f54e41aa770.manifest
[2016.03.16 21:02:45 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_5d5e0d68e44a686d.manifest
[2016.03.18 00:51:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_5d5f0db2e44981c4.manifest
[2016.04.09 09:16:41 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2016.06.07 18:41:33 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 20:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 02:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 20:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:35A1F1D2
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
K čemu pak slouží v systému nelegální aktivátor?Duge77 píše:Zdravím, mělo by být vše v pořádku, štítek i aktivace je v pořádku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
Netuším, co kdo dělal s PC přede mnou a ani jsem to hlouběji nezkoumal, nevím co k tomu napsat 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu logu, pc nezobrazuje obsah flash pamětí
Bohužel ani v tomto případě nemohu podle pravidel téma řešit. Za to co je v PC nainstalováno, v plné míře odpovídá uživatel a toto fórum nelegání OS zkrátka neřeší. Lepší zprávu pro vás nemám.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?