Zpomalený počítač

Zpráva

libork · #31 Příspěvek od **libork** » 05 říj 2016 09:01

Přiložil jsem zkomprimovaný obrázek toho, jak to vypadá. Dělá to prakticky na všech stránkách, spíš náhodně než u stejných obrázků nebo textu. Zbytek (vypnutí antiviru a nouzový režim) vyzkouším večer nebo zítra, musím do práce. Pak se ozvu.

#32 Příspěvek od **Márty84** » 05 říj 2016 18:12

Fajn, pak jeste zkuste nouzovy rezim firefoxu https://support.mozilla.org/cs/kb/Nouzo ... re%C5%BEim

libork · #33 Příspěvek od **libork** » 05 říj 2016 20:58

V nouzovém režimu je to v pořádku, foto i text se zobrazují normálně

libork · #34 Příspěvek od **libork** » 05 říj 2016 21:12

A při vypnutém antiviru to taky blbne

#35 Příspěvek od **Márty84** » 06 říj 2016 02:36

libork píše:V nouzovém režimu je to v pořádku

V nouzovem rezimu windowsu, nebo v nouzovem rezimu firefoxu?

libork · #36 Příspěvek od **libork** » 06 říj 2016 08:36

V nouzovém režimu Firefoxu.

#37 Příspěvek od **Márty84** » 06 říj 2016 18:56

No tak to musi delat nejaky doplnek firefoxu. Postupne je jeden po druhem vypinejte (odinstalovavejte), az prijdete na ten spravny. Nemusi to byt vylozene havet, proste si jen neco s necim nesedlo.

libork · #38 Příspěvek od **libork** » 06 říj 2016 22:28

Doplňky jsem nejprve zakázal, nepomohlo to, potom odinstaloval (podle návodu z netu přidáním X před název souboru, jiná možnost nebyla) a zase nic, potíže přetrvávají

#39 Příspěvek od **Márty84** » 07 říj 2016 02:54

Toz ja nevim co s tim. Nekde v tom firefoxu je neco zazraneho a pri odinstalaci to tam zustane. A nebo se to vraci z bodu obnovy.

Znovu odinstalujte firefox, pomoci Reva http://www.stahuj.centrum.cz/utility_a_ ... installer/
Pak vymazte body obnovy.
Procistete CCleanerem, vcetne registru.
Pouzijte znovu ADWCleaner.
Pok poslete logy z OTL

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

libork · #40 Příspěvek od **libork** » 08 říj 2016 06:32

OTL logfile created on: 8.10.2016 4:07:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Libor\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18449)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,97 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 48,19% Memory free
3,93 Gb Paging File | 2,82 Gb Available in Paging File | 71,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,94 Gb Total Space | 280,26 Gb Free Space | 61,20% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016.10.08 00:52:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
PRC - [2016.09.16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.08.30 16:20:06 | 000,280,864 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2016.08.30 16:20:06 | 000,104,200 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2016.08.30 16:10:10 | 001,004,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2016.08.26 21:23:10 | 006,868,696 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016.07.28 21:59:37 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016.07.26 02:25:22 | 002,130,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
PRC - [2016.04.14 17:53:44 | 002,042,144 | ---- | M] (TomTom) -- C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
PRC - [2016.04.09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015.02.17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
PRC - [2013.04.18 07:57:32 | 000,313,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
PRC - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012.12.04 11:52:22 | 000,174,592 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.10.17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HPBDSService\HPBDSService.exe
PRC - [2009.10.14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe

========== Modules (No Company Name) ==========

MOD - [2016.08.26 20:25:08 | 000,061,440 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2016.07.13 22:21:38 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\699e49c0c28ae602caf56e744368b126\System.Web.ni.dll
MOD - [2016.05.11 06:48:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e24fa73a85564123eeb3755544d8cefc\System.ServiceProcess.ni.dll
MOD - [2016.05.11 06:48:45 | 001,812,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2b7719ba2bc033673438ab40898fa877\System.Deployment.ni.dll
MOD - [2016.05.11 06:48:44 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
MOD - [2016.05.11 06:48:29 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\77248929224228e8150eea45de075401\System.Runtime.Remoting.ni.dll
MOD - [2016.05.11 06:48:29 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c0340703d3054ede6a49516700f16d17\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2016.05.11 06:48:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
MOD - [2016.05.11 06:48:05 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c8b82d8b2e7e18c7caf27b8017c6c615\System.Configuration.ni.dll
MOD - [2016.05.11 06:48:04 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
MOD - [2016.05.11 06:47:59 | 007,996,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
MOD - [2014.09.11 20:50:42 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014.09.11 17:15:28 | 000,252,928 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qwebp.dll
MOD - [2014.09.11 17:15:16 | 000,307,712 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qtiff.dll
MOD - [2014.09.11 17:15:04 | 000,014,848 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qwbmp.dll
MOD - [2014.09.11 17:14:58 | 000,381,952 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qjp2.dll
MOD - [2014.09.11 17:14:56 | 000,015,360 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qtga.dll
MOD - [2014.09.11 17:14:44 | 000,218,112 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qmng.dll
MOD - [2014.09.11 17:14:40 | 000,027,648 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qicns.dll
MOD - [2014.09.11 17:14:34 | 000,032,256 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qdds.dll
MOD - [2014.09.11 17:08:42 | 000,015,872 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qsvg.dll
MOD - [2014.09.11 17:06:50 | 000,878,592 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\platforms\qwindows.dll
MOD - [2014.09.11 17:06:04 | 000,038,912 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
MOD - [2014.09.11 17:05:52 | 000,021,504 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qico.dll
MOD - [2014.09.11 17:05:52 | 000,021,504 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qgif.dll
MOD - [2014.09.11 17:05:38 | 000,036,352 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
MOD - [2014.09.11 17:05:36 | 000,204,800 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qjpeg.dll
MOD - [2014.04.14 21:41:12 | 000,039,192 | ---- | M] () -- C:\Program Files\CCleaner\branding.dll
MOD - [2013.07.08 14:43:45 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.10.14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe

========== Services (SafeList) ==========

SRV - [2016.09.16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.09.14 09:29:31 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016.09.01 04:24:38 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.08.30 16:20:06 | 000,280,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2016.08.30 16:20:06 | 000,104,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2016.07.26 02:25:22 | 002,130,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV - [2015.07.22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.02.17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.12.04 11:52:22 | 000,174,592 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2012.01.02 12:45:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.10.17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
SRV - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - [2016.08.25 10:46:12 | 000,105,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.08.17 11:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 11:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.08.11 08:54:02 | 000,088,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009.10.07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.09.23 03:19:31 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009.09.23 03:19:31 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2008.07.26 16:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.07.26 16:25:48 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.07.26 16:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008.07.26 16:22:22 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 52 A6 34 04 37 C0 D1 01 [binary data]
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{B11F5F4A-5285-4795-906C-0CF4761EA898}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{E3472CF2-F332-4A9F-B906-F879FD3EC370}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll File not found

[2016.10.04 21:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Extensions
[2016.10.05 22:39:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\extensions
[2016.10.05 22:39:55 | 000,007,076 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\features\{8c952e95-18e6-48d8-bdfb-2cdd67df4db4}\e10srollout@mozilla.org.xpi

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_0\

O1 HOSTS File: ([2016.10.06 22:55:01 | 000,000,102 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ਍㨀㨀㄀氀漀挀愀氀栀漀猀琀ഀഀ
O1 - Hosts: ਍
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\Toolbar\WebBrowser: (no name) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StatusAlerts] C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 185.18.30.142 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: DhcpNameServer = 185.18.30.142 8.8.8.8
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2016.10.08 00:52:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2016.10.07 22:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2016.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2016.10.07 22:10:17 | 007,100,088 | ---- | C] (VS Revo Group ) -- C:\Users\Libor\Desktop\revosetup.exe
[2016.10.06 23:06:01 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\CEF
[2016.10.06 22:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016.10.06 22:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2016.10.06 22:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2016.10.04 22:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adblock Plus for IE
[2016.10.04 21:26:10 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Mozilla
[2016.10.04 21:26:10 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Mozilla
[2016.10.03 20:01:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2016.10.03 19:59:39 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTM.exe
[2016.10.02 11:25:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.10.02 11:22:19 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2016.10.02 11:22:19 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Temp
[2016.10.01 22:08:03 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.10.01 15:40:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.10.01 09:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2016.10.01 09:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2016.09.28 18:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016.09.28 18:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2016.09.24 20:30:52 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\A - Plocha 3
[2016.09.20 22:48:36 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\Adobe Scripts
[2016.09.20 19:47:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016.09.14 09:32:36 | 000,240,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2016.09.14 09:32:36 | 000,187,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2016.09.14 09:32:36 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2016.09.14 09:32:35 | 002,399,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016.09.14 09:32:28 | 002,945,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016.09.14 09:32:28 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016.09.14 09:32:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016.09.14 09:32:28 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016.09.14 09:32:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016.09.14 09:32:27 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016.09.14 09:32:27 | 003,944,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016.09.14 09:32:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2016.09.14 09:32:26 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016.09.14 09:32:26 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016.09.14 09:32:26 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016.09.14 09:32:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016.09.14 09:32:25 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016.09.14 09:32:25 | 000,105,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2016.09.14 09:32:25 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2016.09.14 09:32:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016.09.14 09:32:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016.09.14 09:32:25 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016.09.14 09:32:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2016.09.14 09:32:24 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2016.09.14 09:32:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2016.09.14 09:32:24 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016.09.14 09:32:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016.09.14 09:32:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016.09.14 09:32:23 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016.09.14 09:32:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016.09.14 09:32:23 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016.09.14 09:32:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016.09.14 09:32:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016.09.14 09:32:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2016.09.14 09:32:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016.09.14 09:31:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016.09.14 09:31:42 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016.09.14 09:31:42 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016.09.14 09:31:42 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016.09.14 09:31:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016.09.14 09:31:42 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016.09.14 09:31:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016.09.14 09:31:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016.09.14 09:31:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016.09.14 09:31:41 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016.09.14 09:31:41 | 000,346,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016.09.14 09:31:41 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016.09.14 09:31:41 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016.09.14 09:31:40 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016.09.14 09:31:40 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016.09.14 09:31:39 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016.09.14 09:31:39 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016.09.14 09:31:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016.09.14 09:31:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016.09.14 09:31:37 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016.09.14 09:31:36 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016.09.14 09:31:35 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016.09.14 09:31:34 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016.09.14 09:31:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016.09.14 09:31:30 | 004,607,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.01.16 11:22:04 | 004,316,160 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe

========== Files - Modified Within 30 Days ==========

[2016.10.08 01:02:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.10.08 00:55:01 | 000,024,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.10.08 00:55:01 | 000,024,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.10.08 00:52:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2016.10.08 00:33:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.10.08 00:33:02 | 1583,177,728 | -HS- | M] () -- C:\hiberfil.sys
[2016.10.08 00:28:56 | 003,874,368 | ---- | M] () -- C:\Users\Libor\Desktop\adwcleaner_6.021.exe
[2016.10.07 22:11:46 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016.10.07 22:10:47 | 007,100,088 | ---- | M] (VS Revo Group ) -- C:\Users\Libor\Desktop\revosetup.exe
[2016.10.06 22:55:01 | 000,000,102 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2016.10.06 22:20:45 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016.10.05 09:04:14 | 000,026,112 | ---- | M] () -- C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016.10.05 08:01:03 | 000,002,095 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.10.05 07:45:37 | 000,670,674 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.10.05 07:45:37 | 000,654,828 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.10.05 07:45:37 | 000,142,286 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.10.05 07:45:37 | 000,122,700 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.10.04 21:13:48 | 000,243,664 | ---- | M] () -- C:\Users\Libor\Desktop\Firefox Setup Stub 49.0.1.exe
[2016.10.03 19:59:44 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTM.exe
[2016.10.02 11:06:59 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.10.01 09:13:46 | 000,177,058 | ---- | M] () -- C:\Users\Libor\Documents\cc_20161001_091327.reg
[2016.10.01 09:07:47 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.09.27 23:02:58 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2016.09.21 20:53:20 | 003,847,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016.09.14 09:29:30 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016.09.14 09:29:30 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2016.10.08 01:02:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.10.08 00:28:50 | 003,874,368 | ---- | C] () -- C:\Users\Libor\Desktop\adwcleaner_6.021.exe
[2016.10.07 22:11:46 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016.10.06 22:20:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2016.10.06 22:20:45 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016.10.04 21:13:17 | 000,243,664 | ---- | C] () -- C:\Users\Libor\Desktop\Firefox Setup Stub 49.0.1.exe
[2016.10.02 11:22:19 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.10.01 09:13:32 | 000,177,058 | ---- | C] () -- C:\Users\Libor\Documents\cc_20161001_091327.reg
[2012.02.14 08:32:52 | 000,026,112 | ---- | C] () -- C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.04.09 08:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2015.09.14 22:44:39 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\AnvSoft
[2015.09.14 22:30:56 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\avidemux
[2012.01.25 22:33:38 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Canon
[2015.03.09 10:36:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Epson
[2015.02.27 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IrfanView
[2014.02.22 14:40:10 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IsolatedStorage
[2012.04.12 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\klonsoft
[2012.02.11 09:38:23 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Leadertech
[2013.09.20 21:37:25 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\LibreOffice
[2016.01.18 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\OpenOffice
[2015.09.14 22:45:03 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Opera Software
[2013.03.03 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PDF Architect
[2013.02.09 11:35:30 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PdfConvertor
[2016.10.01 15:38:31 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Seznam.cz
[2013.09.14 01:36:52 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\SoftGrid Client
[2012.01.12 11:46:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Steinberg
[2015.03.17 09:10:58 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TeamViewer
[2014.10.27 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TomTom
[2013.07.14 11:02:16 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\WinAVI
[2012.01.02 11:39:01 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Zoner

========== Purity Check ==========

< End of report >

libork · #41 Příspěvek od **libork** » 08 říj 2016 06:33

OTL Extras logfile created on: 8.10.2016 4:07:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Libor\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18449)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,97 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 48,19% Memory free
3,93 Gb Paging File | 2,82 Gb Available in Paging File | 71,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,94 Gb Total Space | 280,26 Gb Free Space | 61,20% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CAE8C2-5B62-4A83-9833-D780D90D684A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{030C9D44-2AC1-40F1-8D31-080178F22A4F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0846E81E-E6CB-459D-8502-D0D3F3594094}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{115632E7-28C2-492F-B168-3C01C8A3145C}" = rport=138 | protocol=17 | dir=out | app=system |
"{18B797AE-98E4-41DC-97C7-ED1D77F015E9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{23A6B54C-9334-44E2-A532-8125A223C570}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24460DE9-9DE7-4A2D-8E61-479980797F46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2958F72E-DD64-4914-A5EC-0EC455994766}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33FA4EEC-2D18-4E1E-BF58-1211873E7FEE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{446ACA73-DFB4-4272-A657-84BCBEC01160}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{523603F9-F2EF-4B10-A723-E4FA0C0367D9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{56D4EFCC-D249-42FA-A8C4-7D6AAC582862}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E8B0702-07AB-4AF2-AFF8-ABE0B581BF0F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{61CB07B4-015B-4F17-8417-3313AB037ECF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6404CC42-F54B-4A5D-AD77-BDEDBE2EFF2F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6BC5BACD-3735-4EDF-9EBB-72461AB626A4}" = lport=137 | protocol=17 | dir=in | app=system |
"{82179F62-0BC3-4CCA-AA9D-031989C13A75}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FDC2C7B-C0DE-4BDF-81F7-8CB2BC40E359}" = lport=445 | protocol=6 | dir=in | app=system |
"{99EFACED-E253-4061-9006-E126C962DA49}" = rport=137 | protocol=17 | dir=out | app=system |
"{9EAD24A6-93E5-4406-B7D5-744567CD16CC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9F0DA3BA-B96A-49FD-820F-D0D96D529FFD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BF6A9ADE-E25A-44F4-8765-9DBDCF0725E0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D75CF3D1-0BFC-410C-B93A-D7CF246635AC}" = rport=445 | protocol=6 | dir=out | app=system |
"{D7E93010-A0CF-49BE-AC7F-D8516ACB10FB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4419144-85E8-4D57-9526-9273C71A31E1}" = lport=138 | protocol=17 | dir=in | app=system |
"{EFA29F69-BCFE-409A-B2DE-D3EAA0F6B1C3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{F79E9B0F-5C70-4539-AB20-C61EC844C776}" = rport=139 | protocol=6 | dir=out | app=system |
"{FDE171B0-E540-4F4E-BF64-D0937B5F4D40}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A70864-D01C-4DA2-A43C-5247E417317E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{1100033E-67CE-4430-9009-F89A53C7AD7D}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{1B9CE597-2BAA-4239-A4C1-B5B6509DD6CB}" = protocol=17 | dir=in | app=c:\hp_laserjet_pro_mfp_m125-m126\installer\hpbcsiinstaller.exe |
"{1DD47B50-5904-4A87-AFF7-5BA3AEC8F641}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{274897D9-567F-4FC2-970A-F13A72E8977D}" = dir=in | app=c:\users\libor\appdata\local\microsoft\skydrive\skydrive.exe |
"{2896B587-B484-4069-91EB-F8FC66E5FDB7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C8CB343-38B9-4D0D-B851-C4A3E9008E89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3951FAA4-3A71-441D-A945-FBCEB01F08AD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{42F17BFE-E761-4558-9A7C-BEFBAD16B909}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{444E4698-3C4B-4BDE-826E-039E1B832837}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47B30FE5-392A-44FC-86B1-35EB737866DA}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{492C197D-F21C-4915-8363-AEE710EAB374}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4A8527CB-18DB-4B66-AE2A-8A9FB621F9A2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{50774DFC-4F60-4DC9-A5CF-E81B6724719C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{530FEB55-0C21-4062-A710-1D7585C7DAF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5495BAD6-0403-418B-B092-258024643441}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A11DBE9-5644-4805-A22E-B1EE301F89C6}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m125-m126\bin\hpnetworkcommunicatorcom.exe |
"{5B57F10D-C094-4AF9-9D0A-165FB9AC80A8}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{6A395199-BB30-48ED-977E-BCC252F0AFB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72C328ED-E29B-4C83-A9C8-278AEFF402F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8FD6FC7A-F794-4649-A9FE-1B093E99ED1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9348A714-F1AC-4DCA-8464-C5040A26261E}" = protocol=6 | dir=in | app=c:\hp_laserjet_pro_mfp_m125-m126\installer\hpbcsiinstaller.exe |
"{A0242DB3-05A2-43A6-9035-CFA63EDC7BC9}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A1C04533-D79C-4022-8A2F-419EFA155E3F}" = dir=in | app=c:\program files\hp\hp laserjet pro mfp m125-m126\bin\ewsproxy.exe |
"{B99D817B-9599-4544-88B9-042BA100EDCE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BA650043-5988-4143-97C4-4BB834608BC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C2115227-8573-4BC6-92B7-1B2A2BDEA511}" = protocol=6 | dir=out | app=system |
"{C8CC9CED-7186-4FEF-9396-0B76BBE4BE62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9D8ED57-C490-44A7-9463-49C34BC364E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F03263DC-D369-4AF7-ABA7-A4D30AF3A0C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9ACF031-C9A1-4F9D-B0C8-8AF3132EE8E1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FC700FCD-5FBD-4C65-B107-87F7189C36FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{37CD3B0F-7629-4BDF-8A4E-D4D1F4C33296}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{831B9F3F-AA85-4555-86E2-B0045E4544DE}C:\program files\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"UDP Query User{479B7019-74B2-42F6-8BBE-DA8931F95C58}C:\program files\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"UDP Query User{9C7128CC-F83B-44B3-BEA6-C6CDC157B698}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}" = HPDXP
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1080213B-DD61-41C1-9C1C-8B0E67709D84}" = Microsoft Security Client
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{178F0383-A2F1-427C-9881-6EACB8728C76}" = hppLaserJetService
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}" = hppM125LaserJetService
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{28A25E3A-2855-4A39-B72B-50BF80FB86C5}" = Windows Live Family Safety
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30500C7C-2206-3DC6-9792-96E95A04669D}" = Microsoft .NET Framework 4.6.1
"{30DD7187-F392-4D83-8AED-D9A2DC64EF15}" = HPLJUTCore
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{581A9CCB-1AD7-4BB4-A698-590305F773FB}" = hpStatusAlertsM125-M126
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}" = hpStatusAlerts
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69D27D4C-36CE-4CB2-A290-C38B0A990955}" = OpenOffice 4.1.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{82E7776B-E837-4584-BD0D-E2F54A0F6960}" = HP LaserJet Pro MFP M125-M126 HP Device Toolbox
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1" = SUPER © v2013.build.59+Recorder (2013/12/18) verze v2013.build.
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90150000-007E-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.6.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}" = hpbM126DSService
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}" = HPLJUTM125_126
"{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.0.1
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-0804-1033-1959-001824202044}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}" = HP Unified IO
"{B2894225-82C7-4006-B243-6272589993B2}" = HPLJProMFPM125M126
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{c65448bc-e467-4ec7-b4a5-246697f52957}" = HP LaserJet Pro MFP M125-M126
"{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}" = HP Customer Experience Enhancements
"{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}" = Adblock Plus for IE (32-bit)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}" = WinZip 17.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI
"{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}" = Sonic Foundry ACID Pro 3.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1EE568A-171F-4C06-9BE6-2395BED067A3}" = LibreOffice 4.1.1.2
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F4C709E1-76EC-3A6B-A015-38AEB35CAED0}" = Microsoft .NET Framework 4.6.1 (CSY)
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}" = HP LJ M125126 Scan HP Scan
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 23 NPAPI
"Any Video Converter_is1" = Any Video Converter 5.8.2
"CCleaner" = CCleaner
"CDA Converter Plus" = CDA Converter Plus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.3
"Defraggler" = Defraggler
"EPSON XP-202 203 206 Series Netg" = Příručka pro síť EPSON XP-202 203 206 Series
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IrfanView" = IrfanView (remove only)
"Logitech Vid" = Logitech Vid HD
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"MULTIFlight" = MULTIFlight
"MyDriveConnect" = TomTom MyDrive Connect 4.1.0.2658
"O365HomePremRetail - cs-cz" = Microsoft Office 365 - cs-cz
"PdfConvertor_is1" = PdfConvertor
"PROR" = Microsoft Office Professional 2007
"Sonic Foundry ACID Pro 3.0 Crack" = Sonic Foundry ACID Pro 3.0 Crack
"Steinberg Cubase VST32" = Steinberg Cubase VST32
"TeamViewer" = TeamViewer 10
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.10.2016 16:25:19 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.10.2016 16:42:17 | Computer Name = Libor-PC | Source = InstallerService | ID = 0
Description = Zastavení služby se nezdařilo. System.NullReferenceException: Odkaz
na objekt není nastaven na instanci objektu. v Mcafee.TrueKey.InstallerService.InstallerSvc.OnStop()

v System.ServiceProcess.ServiceBase.DeferredStop()

Error - 6.10.2016 16:43:24 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.10.2016 17:18:54 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 7.10.2016 3:17:09 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 7.10.2016 3:25:55 | Computer Name = Libor-PC | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 7.10.2016 15:53:03 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 7.10.2016 16:06:28 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

Error - 7.10.2016 16:13:04 | Computer Name = Libor-PC | Source = VSS | ID = 8194
Description =

Error - 7.10.2016 18:34:54 | Computer Name = Libor-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 7.10.2016 18:30:39 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7034
Description = Služba PDF Architect Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 7.10.2016 18:30:39 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.

Error - 7.10.2016 18:30:45 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 7.10.2016 18:30:46 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.

Error - 7.10.2016 18:30:47 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7031
Description = Služba Instalační služba modulů systému Windows byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund:
Restartovat službu.

Error - 7.10.2016 18:31:15 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7038
Description = Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně
konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit správnou
konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 7.10.2016 18:31:15 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1069

Error - 7.10.2016 18:31:16 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7038
Description = Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService
s aktuálně konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 7.10.2016 18:31:16 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7000
Description = Služba Služba Windows Media Player Network Sharing neuspěla při spuštění
v důsledku následující chyby: %%1069

Error - 7.10.2016 18:38:38 | Computer Name = Libor-PC | Source = DCOM | ID = 10010
Description =

< End of report >

#42 Příspěvek od **Márty84** » 08 říj 2016 22:03

Nezkopiroval jste tam ten text, takze log neni uplny.

libork · #43 Příspěvek od **libork** » 10 říj 2016 07:13

Prohledávání se vždy zasekne v tomto místě - viz obrázek

#44 Příspěvek od **Márty84** » 10 říj 2016 08:12

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

libork · #45 Příspěvek od **libork** » 10 říj 2016 21:22

OTL logfile created on: 10.10.2016 21:29:32 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Libor\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18449)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,97 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,94% Memory free
3,93 Gb Paging File | 2,76 Gb Available in Paging File | 70,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 457,94 Gb Total Space | 276,87 Gb Free Space | 60,46% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016.10.08 00:52:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
PRC - [2016.09.25 05:47:08 | 000,966,760 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2016.09.16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.08.30 16:20:06 | 000,280,864 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2016.08.30 16:20:06 | 000,104,200 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2016.08.30 16:10:10 | 001,004,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2016.08.26 21:23:10 | 006,868,696 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2016.07.28 21:59:37 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016.07.26 02:25:22 | 002,130,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
PRC - [2016.04.14 17:53:44 | 002,042,144 | ---- | M] (TomTom) -- C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
PRC - [2016.04.09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015.02.17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
PRC - [2013.04.18 07:57:32 | 000,313,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
PRC - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012.12.04 11:52:22 | 000,174,592 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.10.17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\HPBDSService\HPBDSService.exe
PRC - [2009.10.14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe

========== Modules (No Company Name) ==========

MOD - [2016.09.25 05:47:17 | 001,805,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
MOD - [2016.09.25 05:47:16 | 000,093,288 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\53.0.2785.143\libegl.dll
MOD - [2016.08.26 20:25:08 | 000,061,440 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2016.07.13 22:21:38 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\699e49c0c28ae602caf56e744368b126\System.Web.ni.dll
MOD - [2016.05.11 06:48:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e24fa73a85564123eeb3755544d8cefc\System.ServiceProcess.ni.dll
MOD - [2016.05.11 06:48:45 | 001,812,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2b7719ba2bc033673438ab40898fa877\System.Deployment.ni.dll
MOD - [2016.05.11 06:48:44 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
MOD - [2016.05.11 06:48:29 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\77248929224228e8150eea45de075401\System.Runtime.Remoting.ni.dll
MOD - [2016.05.11 06:48:29 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c0340703d3054ede6a49516700f16d17\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2016.05.11 06:48:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
MOD - [2016.05.11 06:48:05 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c8b82d8b2e7e18c7caf27b8017c6c615\System.Configuration.ni.dll
MOD - [2016.05.11 06:48:04 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
MOD - [2016.05.11 06:47:59 | 007,996,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
MOD - [2014.09.11 20:50:42 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014.09.11 17:15:28 | 000,252,928 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qwebp.dll
MOD - [2014.09.11 17:15:16 | 000,307,712 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qtiff.dll
MOD - [2014.09.11 17:15:04 | 000,014,848 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qwbmp.dll
MOD - [2014.09.11 17:14:58 | 000,381,952 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qjp2.dll
MOD - [2014.09.11 17:14:56 | 000,015,360 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qtga.dll
MOD - [2014.09.11 17:14:44 | 000,218,112 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qmng.dll
MOD - [2014.09.11 17:14:40 | 000,027,648 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qicns.dll
MOD - [2014.09.11 17:14:34 | 000,032,256 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qdds.dll
MOD - [2014.09.11 17:08:42 | 000,015,872 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qsvg.dll
MOD - [2014.09.11 17:06:50 | 000,878,592 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\platforms\qwindows.dll
MOD - [2014.09.11 17:06:04 | 000,038,912 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
MOD - [2014.09.11 17:05:52 | 000,021,504 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qico.dll
MOD - [2014.09.11 17:05:52 | 000,021,504 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qgif.dll
MOD - [2014.09.11 17:05:38 | 000,036,352 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
MOD - [2014.09.11 17:05:36 | 000,204,800 | ---- | M] () -- C:\Program Files\MyDrive Connect\Plugins\imageformats\qjpeg.dll
MOD - [2014.04.14 21:41:12 | 000,039,192 | ---- | M] () -- C:\Program Files\CCleaner\branding.dll
MOD - [2013.07.08 14:43:45 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.10.14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe

========== Services (SafeList) ==========

SRV - [2016.09.16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.09.14 09:29:31 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016.09.01 04:24:38 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.08.30 16:20:06 | 000,280,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2016.08.30 16:20:06 | 000,104,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2016.07.26 02:25:22 | 002,130,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV - [2015.07.22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.02.17 11:05:26 | 005,436,176 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.12.04 11:52:22 | 000,174,592 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2012.01.02 12:45:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.10.17 16:51:54 | 000,013,824 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\HPBDSService\HPBDSService.exe -- (HP DS Service)
SRV - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - [2016.08.25 10:46:12 | 000,105,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.08.17 11:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 11:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.08.11 08:54:02 | 000,088,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009.10.07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.09.23 03:19:31 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009.09.23 03:19:31 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2008.07.26 16:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.07.26 16:25:48 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.07.26 16:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008.07.26 16:22:22 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 52 A6 34 04 37 C0 D1 01 [binary data]
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{B11F5F4A-5285-4795-906C-0CF4761EA898}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\SearchScopes\{E3472CF2-F332-4A9F-B906-F879FD3EC370}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll File not found

[2016.10.04 21:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Extensions
[2016.10.05 22:39:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\extensions
[2016.10.05 22:39:55 | 000,007,076 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\features\{8c952e95-18e6-48d8-bdfb-2cdd67df4db4}\e10srollout@mozilla.org.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_0\

O1 HOSTS File: ([2016.10.06 22:55:01 | 000,000,102 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ਍㨀㨀㄀氀漀挀愀氀栀漀猀琀ഀഀ
O1 - Hosts: ਍
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..\Toolbar\WebBrowser: (no name) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StatusAlerts] C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-726496295-2317986126-1619368687-1000\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 185.18.30.142 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: DhcpNameServer = 185.18.30.142 8.8.8.8
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016.10.08 19:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2016.10.08 00:52:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2016.10.07 22:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2016.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2016.10.07 22:10:17 | 007,100,088 | ---- | C] (VS Revo Group ) -- C:\Users\Libor\Desktop\revosetup.exe
[2016.10.06 23:06:01 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\CEF
[2016.10.06 22:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016.10.06 22:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2016.10.06 22:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2016.10.04 22:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adblock Plus for IE
[2016.10.04 21:26:10 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Mozilla
[2016.10.04 21:26:10 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Mozilla
[2016.10.03 20:01:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2016.10.03 19:59:39 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTM.exe
[2016.10.02 11:25:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.10.02 11:22:19 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2016.10.02 11:22:19 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Temp
[2016.10.01 22:08:03 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.10.01 15:40:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.10.01 09:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2016.10.01 09:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2016.09.28 18:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016.09.28 18:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2016.09.24 20:30:52 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\A - Plocha 3
[2016.09.20 22:48:36 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\Adobe Scripts
[2016.09.20 19:47:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016.09.14 09:32:36 | 000,240,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2016.09.14 09:32:36 | 000,187,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2016.09.14 09:32:36 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2016.09.14 09:32:35 | 002,399,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016.09.14 09:32:28 | 002,945,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016.09.14 09:32:28 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016.09.14 09:32:28 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016.09.14 09:32:28 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016.09.14 09:32:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016.09.14 09:32:27 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016.09.14 09:32:27 | 003,944,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016.09.14 09:32:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2016.09.14 09:32:26 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016.09.14 09:32:26 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016.09.14 09:32:26 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016.09.14 09:32:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016.09.14 09:32:25 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016.09.14 09:32:25 | 000,105,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2016.09.14 09:32:25 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2016.09.14 09:32:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016.09.14 09:32:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016.09.14 09:32:25 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016.09.14 09:32:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2016.09.14 09:32:24 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2016.09.14 09:32:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2016.09.14 09:32:24 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016.09.14 09:32:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016.09.14 09:32:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016.09.14 09:32:23 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016.09.14 09:32:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016.09.14 09:32:23 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016.09.14 09:32:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016.09.14 09:32:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016.09.14 09:32:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2016.09.14 09:32:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016.09.14 09:31:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016.09.14 09:31:42 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016.09.14 09:31:42 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016.09.14 09:31:42 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016.09.14 09:31:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016.09.14 09:31:42 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016.09.14 09:31:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016.09.14 09:31:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016.09.14 09:31:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016.09.14 09:31:41 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016.09.14 09:31:41 | 000,346,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016.09.14 09:31:41 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016.09.14 09:31:41 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016.09.14 09:31:40 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016.09.14 09:31:40 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016.09.14 09:31:39 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016.09.14 09:31:39 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016.09.14 09:31:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016.09.14 09:31:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016.09.14 09:31:37 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016.09.14 09:31:36 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016.09.14 09:31:35 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016.09.14 09:31:34 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016.09.14 09:31:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016.09.14 09:31:30 | 004,607,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.01.16 11:22:04 | 004,316,160 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe

========== Files - Modified Within 30 Days ==========

[2016.10.10 21:33:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016.10.10 21:33:20 | 000,024,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.10.10 21:33:20 | 000,024,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.10.10 21:20:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.10.10 21:20:05 | 1583,177,728 | -HS- | M] () -- C:\hiberfil.sys
[2016.10.08 19:25:38 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2016.10.08 10:39:03 | 000,670,674 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.10.08 10:39:03 | 000,654,828 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.10.08 10:39:03 | 000,142,286 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.10.08 10:39:03 | 000,122,700 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.10.08 00:52:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2016.10.08 00:28:56 | 003,874,368 | ---- | M] () -- C:\Users\Libor\Desktop\adwcleaner_6.021.exe
[2016.10.07 22:11:46 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016.10.07 22:10:47 | 007,100,088 | ---- | M] (VS Revo Group ) -- C:\Users\Libor\Desktop\revosetup.exe
[2016.10.06 22:55:01 | 000,000,102 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2016.10.06 22:20:45 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016.10.05 09:04:14 | 000,026,112 | ---- | M] () -- C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016.10.05 08:01:03 | 000,002,095 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016.10.04 21:13:48 | 000,243,664 | ---- | M] () -- C:\Users\Libor\Desktop\Firefox Setup Stub 49.0.1.exe
[2016.10.03 19:59:44 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTM.exe
[2016.10.02 11:06:59 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.10.01 09:07:47 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016.09.27 23:02:58 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2016.09.21 20:53:20 | 003,847,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016.09.14 09:29:30 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016.09.14 09:29:30 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2016.10.08 19:25:38 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2016.10.08 01:02:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016.10.08 00:28:50 | 003,874,368 | ---- | C] () -- C:\Users\Libor\Desktop\adwcleaner_6.021.exe
[2016.10.07 22:11:46 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016.10.06 22:20:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2016.10.06 22:20:45 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016.10.04 21:13:17 | 000,243,664 | ---- | C] () -- C:\Users\Libor\Desktop\Firefox Setup Stub 49.0.1.exe
[2016.10.02 11:22:19 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2012.02.14 08:32:52 | 000,026,112 | ---- | C] () -- C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.04.09 08:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2015.09.14 22:44:39 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\AnvSoft
[2015.09.14 22:30:56 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\avidemux
[2012.01.25 22:33:38 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Canon
[2015.03.09 10:36:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Epson
[2015.02.27 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IrfanView
[2014.02.22 14:40:10 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IsolatedStorage
[2012.04.12 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\klonsoft
[2012.02.11 09:38:23 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Leadertech
[2013.09.20 21:37:25 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\LibreOffice
[2016.01.18 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\OpenOffice
[2015.09.14 22:45:03 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Opera Software
[2013.03.03 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PDF Architect
[2013.02.09 11:35:30 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PdfConvertor
[2016.10.01 15:38:31 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Seznam.cz
[2013.09.14 01:36:52 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\SoftGrid Client
[2012.01.12 11:46:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Steinberg
[2015.03.17 09:10:58 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TeamViewer
[2014.10.27 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TomTom
[2013.07.14 11:02:16 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\WinAVI
[2012.01.02 11:39:01 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,600 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2016.04.09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\explorer.exe
[2016.04.09 07:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_54497d94f118c5e4\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2016.07.07 17:20:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7E41209132B9CF084CCEA8593F61328 -- C:\Windows\System32\drivers\tcpip.sys
[2016.07.07 17:20:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7E41209132B9CF084CCEA8593F61328 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_b55a68e0de0544f5\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.07.16 04:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140066.CSY-90140011-66-405\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\SoftGrid Client\140066.CSY-90140011-66-405\*.tmp -> ]
[510 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2016.10.06 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Adobe
[2015.09.14 22:44:39 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\AnvSoft
[2014.04.21 14:26:24 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Apple Computer
[2015.09.14 22:30:56 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\avidemux
[2012.01.25 22:33:38 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Canon
[2016.04.15 21:13:41 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\dvdcss
[2015.03.09 10:36:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Epson
[2012.01.11 12:03:14 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Google
[2016.01.17 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Hewlett-Packard
[2016.01.17 18:43:34 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Hewlett-Packard Company
[2016.01.17 20:32:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\hpqLog
[2016.01.25 09:24:38 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\HpUpdate
[2012.01.02 11:31:39 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Identities
[2015.02.27 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IrfanView
[2014.02.22 14:40:10 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\IsolatedStorage
[2012.04.12 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\klonsoft
[2012.02.11 09:38:23 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Leadertech
[2013.09.20 21:37:25 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\LibreOffice
[2012.01.11 11:27:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Macromedia
[2013.05.04 15:33:49 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Malwarebytes
[2010.11.21 03:24:44 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Media Center Programs
[2016.01.17 18:56:19 | 000,000,000 | --SD | M] -- C:\Users\Libor\AppData\Roaming\Microsoft
[2016.10.04 21:30:08 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Mozilla
[2016.01.18 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\OpenOffice
[2015.09.14 22:45:03 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Opera Software
[2013.03.03 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PDF Architect
[2013.02.09 11:35:30 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\PdfConvertor
[2016.10.01 15:38:31 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Seznam.cz
[2013.09.17 22:15:45 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Skype
[2013.09.14 01:36:52 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\SoftGrid Client
[2012.01.12 11:46:04 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Steinberg
[2016.03.15 10:59:50 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Sun
[2015.03.17 09:10:58 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TeamViewer
[2014.10.27 20:03:57 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\TomTom
[2016.10.10 07:28:21 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\vlc
[2013.07.14 11:02:16 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\WinAVI
[2012.01.16 11:21:19 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\WinRAR
[2012.01.02 11:39:01 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2015.07.03 12:18:26 | 005,549,234 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\AnvSoft\Common\youtube-dl.exe
[2013.01.20 17:32:58 | 005,398,528 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\PdfConvertor\pdfconvert.exe
[2013.01.20 19:53:20 | 000,797,184 | ---- | M] (Email Marketing Studio) -- C:\Users\Libor\AppData\Roaming\PdfConvertor\pdf_creator_install.exe
[2013.01.20 19:50:40 | 001,438,208 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\PdfConvertor\xconvert.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2016.06.26 18:33:28 | 000,051,712 | ---- | M] () -- C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2012.01.02 11:39:50 | 012,505,560 | ---- | M] (ZONER software ) -- C:\Users\Libor\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build07.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2016.10.10 21:33:20 | 000,024,800 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.10.10 21:33:20 | 000,024,800 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.10.08 10:39:03 | 000,142,286 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2016.10.08 10:39:03 | 000,122,700 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016.10.08 10:39:03 | 000,670,674 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2016.10.08 10:39:03 | 000,654,828 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016.10.08 10:39:03 | 001,584,626 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.20 10:36:44 | 000,003,208 | ---- | M] () -- \Program Files\Adblock Plus for IE\html\static\img\ajax-loader.gif
[2015.05.14 11:35:14 | 000,173,056 | ---- | M] () -- \Program Files\AnvSoft\Any Video Converter\avcdownloader.dll
[2015.04.24 20:49:28 | 000,005,932 | ---- | M] () -- \Program Files\AnvSoft\Any Video Converter\plugins\loader.avsi
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.09.03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.08.20 12:25:48 | 000,006,852 | ---- | M] () -- \Program Files\LibreOffice 4\program\pythonloader.py
[2013.08.23 17:08:32 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 4\program\pythonloader.uno.ini
[2013.08.23 17:06:56 | 000,037,272 | ---- | M] () -- \Program Files\LibreOffice 4\program\pythonloaderlo.dll
[2013.10.10 07:46:19 | 000,007,171 | ---- | M] () -- \Program Files\LibreOffice 4\program\__pycache__\pythonloader.cpython-33.pyc
[2013.08.22 02:35:58 | 000,124,248 | ---- | M] () -- \Program Files\LibreOffice 4\program\classes\libloader-1.1.6.jar
[2013.08.22 05:31:02 | 000,013,850 | ---- | M] () -- \Program Files\LibreOffice 4\program\python-core-3.3.0\lib\unittest\loader.py
[2013.08.22 05:31:06 | 000,049,593 | ---- | M] () -- \Program Files\LibreOffice 4\program\python-core-3.3.0\lib\unittest\test\test_loader.py
[2013.08.23 17:06:28 | 000,082,328 | ---- | M] () -- \Program Files\LibreOffice 4\URE\bin\javaloader.uno.dll
[2013.08.22 02:24:40 | 000,004,301 | ---- | M] () -- \Program Files\LibreOffice 4\URE\java\unoloader.jar
[2015.10.21 16:49:08 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice 4\program\javaloader.uno.dll
[2015.10.21 16:53:44 | 000,005,813 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.py
[2015.10.21 16:49:12 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.dll
[2015.10.21 17:33:02 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.ini
[2015.10.21 11:42:14 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice 4\program\classes\unoloader.jar
[2015.10.21 11:59:02 | 000,013,501 | ---- | M] () -- \Program Files\OpenOffice 4\program\python-core-2.7.6\lib\unittest\loader.py
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.06.06 17:50:00 | 000,499,712 | R--- | M] () -- \Program Files\WinZip\adxloader.dll
[2013.06.06 17:50:00 | 000,000,348 | ---- | M] () -- \Program Files\WinZip\adxloader.dll.manifest
[2013.06.06 17:50:00 | 000,704,000 | R--- | M] () -- \Program Files\WinZip\adxloader64.dll
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\bin\25674libfoxloader.dll
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\bin\25678libfoxloader-x64.dll
[2016.06.26 18:33:28 | 000,051,712 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2016.09.28 18:09:11 | 000,000,165 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.12.11 17:11:44 | 000,031,516 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\Libor\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016.09.14 09:50:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_35c2a78474751f9a.manifest
[2016.09.14 09:50:51 | 000,034,536 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_35c2a78474751f9a_winload.exe.mui_3bc5b827
[2016.09.14 09:50:51 | 000,030,440 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_35c2a78474751f9a_winresume.exe.mui_ff8b5358
[2016.09.14 09:51:09 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd.manifest
[2016.09.14 09:51:10 | 000,534,816 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd_winload.exe_75835076
[2016.09.14 09:51:10 | 000,470,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.13 08:45:33 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.02.03 05:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2015.02.03 06:04:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_35b6f5ae747dfd2f.manifest
[2015.04.27 21:41:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_35aecb80748565b9.manifest
[2015.05.25 20:50:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_35905c50749bec3a.manifest
[2015.07.15 05:32:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_35ca6efa746fc308.manifest
[2015.07.15 20:44:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_35bf9f0e7477def9.manifest
[2015.07.23 03:24:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_35b0cdfa7483958e.manifest
[2016.01.22 08:42:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_35c1a36e74760bf5.manifest
[2016.03.16 21:09:18 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_cs-cz_3579c1e074ad023a.manifest
[2016.03.18 01:01:03 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_cs-cz_357ac22a74ac1b91.manifest
[2016.04.09 09:21:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_35d7452c7465d13a.manifest
[2016.09.02 17:44:19 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_35c2a78474751f9a.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.02.03 05:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.02.03 05:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.04.27 21:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015.05.25 20:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015.07.15 05:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 20:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015.07.23 02:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2016.01.22 08:39:54 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_5da5eef6e4137228.manifest
[2016.03.16 21:02:45 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_5d5e0d68e44a686d.manifest
[2016.03.18 00:51:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_5d5f0db2e44981c4.manifest
[2016.04.09 09:16:41 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2016.09.02 17:45:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 20:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.08.22 02:36:00 | 000,021,754 | ---- | M] () -- \Program Files\LibreOffice 4\program\classes\libserializer-1.1.6.jar
[2015.12.05 09:56:08 | 000,793,256 | ---- | M] () -- \Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Document.XmlSerializers.dll
[2015.12.05 09:55:07 | 000,133,800 | ---- | M] () -- \Program Files\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Storage.XmlSerializers.dll
[2016.07.11 17:05:28 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.50709.0\System.Runtime.Serialization.dll
[2016.09.14 09:52:33 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.50709.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.14 19:20:46 | 000,415,592 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 19:20:46 | 000,141,168 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 19:20:46 | 000,321,376 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Xml.Serialization.dll
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2016.05.11 07:10:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\5cbdc13bae7068a248da6dfb5cd96f69\System.Runtime.Serialization.ni.dll
[2016.05.11 06:48:29 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c0340703d3054ede6a49516700f16d17\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.05.10 22:25:09 | 000,299,520 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\221e586032d2fd51f2d4465006102890\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2016.05.10 22:25:09 | 000,000,644 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\221e586032d2fd51f2d4465006102890\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2016.05.10 22:25:37 | 002,772,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffbd00c458124054f2049e9a25a7cca8\System.Runtime.Serialization.ni.dll
[2016.05.10 22:25:37 | 000,001,100 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffbd00c458124054f2049e9a25a7cca8\System.Runtime.Serialization.ni.dll.aux
[2016.04.13 09:30:36 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\d338702ac1d34ebaada2df45a48c64fd\System.Xml.Serialization.ni.dll
[2016.04.13 09:30:36 | 000,000,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\d338702ac1d34ebaada2df45a48c64fd\System.Xml.Serialization.ni.dll.aux
[2015.11.05 22:25:32 | 000,028,008 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015.11.05 20:36:48 | 000,141,160 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2015.11.05 20:36:48 | 000,029,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2015.11.05 20:36:48 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2015.11.05 22:25:32 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2015.11.05 20:36:48 | 000,029,464 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2015.11.05 20:36:48 | 001,037,568 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2015.11.05 20:36:48 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2015.11.05 20:36:48 | 000,029,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2015.11.05 20:36:48 | 001,037,568 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2015.11.05 20:36:48 | 000,141,160 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2015.11.05 20:36:48 | 000,029,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2015.11.05 20:36:48 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2015.11.05 20:36:48 | 000,029,464 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2015.11.05 20:36:48 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2015.11.05 20:36:48 | 000,029,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2015.11.05 22:25:32 | 000,028,008 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2015.11.05 22:25:32 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010.11.21 03:16:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 23:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2010.11.21 03:15:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2014.07.02 08:50:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:14:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014.07.02 22:15:55 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:04:07 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.20 23:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 23:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_c227ede109a14864\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_c2a4bc1222c8ce98\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

VIRY.CZ

Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač