Velmi pomalé notebook

[Márty84]

Odinstalovala jste MBAM? Porad ho tam vidim. Musi pryc, jinak se bude prat s Avastem.



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Najdete tento soubor C:\Program Files\trend micro\vladimír.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe

Kliknete na nápis Fix checked a potvrdte





Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
MBAMProtector
MBAMService
MBAMScheduler
NAUpdate
Nero BackItUp Scheduler 3
NMIndexingService
gupdate1c9bb839f812513
SkypeUpdate
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Install.job
C:\Windows\tasks\User_Feed_Synchronization-{EC8F04E4-6B45-438C-B532-E6115DF13F24}.job
C:\ProgramData\Norton
C:\ProgramData\Symantec
C:\Windows\system32\drivers\mbam.sys
C:\Program Files\Malwarebytes' Anti-Malware

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[zeleninka100]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

User: Public

User: vladimír
->Temp folder emptied: 805409569 bytes
->Temporary Internet Files folder emptied: 1254400146 bytes
->FireFox cache emptied: 46963202 bytes
->Google Chrome cache emptied: 352731172 bytes
->Flash cache emptied: 648390 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2512592 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 496534176 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 19416400 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 841,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: vladimír
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Error: No service named MBAMProtector was found to stop!
Service\Driver key MBAMProtector not found.
Error: No service named MBAMService was found to stop!
Service\Driver key MBAMService not found.
Error: No service named MBAMScheduler was found to stop!
Service\Driver key MBAMScheduler not found.
Service NAUpdate stopped successfully!
Service NAUpdate deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service gupdate1c9bb839f812513 stopped successfully!
Service gupdate1c9bb839f812513 deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\Install.job moved successfully.
C:\Windows\tasks\User_Feed_Synchronization-{EC8F04E4-6B45-438C-B532-E6115DF13F24}.job moved successfully.
C:\ProgramData\Norton folder moved successfully.
C:\ProgramData\Symantec\Shared\QBackup folder moved successfully.
C:\ProgramData\Symantec\Shared folder moved successfully.
C:\ProgramData\Symantec\LiveUpdate folder moved successfully.
C:\ProgramData\Symantec folder moved successfully.
File/Folder C:\Windows\system32\drivers\mbam.sys not found.
C:\Program Files\Malwarebytes' Anti-Malware folder moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03242013_155522

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[zeleninka100]

Ješte to tady je pomaly internet, jednou je to rychle a podruhe velmi pomalé.

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[zeleninka100]

OTL logfile created on: 27.3.2013 10:41:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vladimír\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 50,46% Memory free
5,70 Gb Paging File | 4,25 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 80,30 Gb Free Space | 53,88% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 139,07 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

Computer Name: DOMACI | User Name: vladimír | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.27 10:40:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vladimír\Desktop\OTL.exe
PRC - [2013.03.24 16:35:59 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013.03.23 15:50:17 | 002,317,848 | ---- | M] () -- C:\Windows\System32\ssins.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009.05.21 21:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2009.05.21 20:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
PRC - [2009.05.21 20:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2009.05.21 17:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.11.18 01:16:04 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2008.08.12 09:21:11 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.07.10 02:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.04.10 20:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.03.18 05:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.02.02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008.01.24 00:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008.01.23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007.12.04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.09.18 01:05:08 | 000,040,960 | ---- | M] ( ) -- C:\Program Files\ASUS\ATK Media\GPSWatch.exe
PRC - [2007.08.17 07:40:29 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.05.24 06:06:56 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2007.05.11 03:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2003.04.06 01:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe


========== Modules (No Company Name) ==========

MOD - [2008.07.19 04:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008.06.09 18:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008.04.10 20:25:54 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.01.24 00:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.13 00:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTran.dll
MOD - [2007.01.13 03:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007.01.13 03:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2013.03.24 16:36:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.23 15:50:17 | 002,317,848 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ssins.exe -- (ssinstall)
SRV - [2013.03.21 00:11:11 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.02.21 00:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.05.21 21:13:36 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009.05.21 21:03:06 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009.04.11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.03.18 05:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.02.18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.12.08 05:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 05:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.12.08 05:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.12.08 05:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.08 05:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.02.28 13:30:23 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.02 00:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.07.22 03:21:07 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.07.08 11:32:51 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.04.07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
DRV - [2008.03.21 05:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.02.05 08:52:23 | 000,206,464 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2008.01.31 12:18:57 | 000,006,528 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2007.09.06 09:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... US_csCZ320
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.02 14:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.07 22:08:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.21 00:11:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.02 14:03:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.21 00:11:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.01.26 15:08:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vladimír\AppData\Roaming\Mozilla\Extensions
[2013.03.20 23:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vladimír\AppData\Roaming\Mozilla\Firefox\Profiles\flwl4y5x.default\extensions
[2013.03.20 23:44:59 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Users\vladimír\AppData\Roaming\Mozilla\Firefox\Profiles\flwl4y5x.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.03.20 23:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.20 23:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013.03.20 23:43:41 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\USERS\VLADIMĂ­R\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FLWL4Y5X.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
[2013.03.21 00:11:11 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.16 09:25:21 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.16 09:25:21 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.16 09:25:21 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.16 09:25:21 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.16 09:25:21 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google.cz (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: 3DVIA player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
CHR - Extension: YouTube = C:\Users\vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.03.24 16:28:52 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCF532DA-FA10-415E-B09F-E6E611BD03A0}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5196F93-DDB9-49BD-ACF1-FA977EBCBFBF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\vladimír\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\vladimír\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: wave2 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.03.27 10:40:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\vladimír\Desktop\OTL.exe
[2013.03.24 16:35:59 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 16:35:59 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 15:55:22 | 000,000,000 | ---D | C] -- C:\_OTM
[2013.03.24 15:53:58 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\vladimír\Desktop\OTM.exe
[2013.03.23 21:03:31 | 000,000,000 | ---D | C] -- C:\Users\vladimír\Desktop\RK_Quarantine
[2013.03.23 18:52:38 | 000,000,000 | ---D | C] -- C:\Users\vladimír\AppData\Roaming\Malwarebytes
[2013.03.23 18:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.23 15:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.23 15:11:54 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.21 20:41:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.20 23:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.03.20 23:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.03.20 23:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.15 18:03:27 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2013.03.15 17:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.03.15 17:55:08 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.03.15 17:55:07 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.03.15 17:55:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.15 17:55:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.15 17:55:06 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.03.15 17:55:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.03.15 17:55:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.03.15 17:55:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.03.15 17:55:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.03.15 17:55:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.03.15 17:55:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.03.15 17:55:05 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.03.15 17:55:05 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.03.15 17:55:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.15 17:55:04 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.15 17:55:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.03.15 17:55:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.15 17:55:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.03.15 17:55:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.03.15 17:55:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.03.15 17:55:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.03.15 17:55:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.03.15 17:55:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.03.15 17:55:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.03.15 17:55:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.15 17:55:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.03.15 17:55:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.03.15 17:55:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.15 17:55:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.03.15 17:55:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.03.15 17:55:02 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.15 17:55:02 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.03.15 17:55:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.03.15 17:55:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.03.15 17:55:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.03.15 17:55:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.03.15 17:55:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.02.27 13:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.02.25 14:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

========== Files - Modified Within 30 Days ==========

[2013.03.27 10:46:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.27 10:40:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vladimír\Desktop\OTL.exe
[2013.03.27 10:35:28 | 000,063,544 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.03.27 10:35:21 | 000,063,544 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013.03.27 10:35:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.27 10:35:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.27 10:34:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.24 16:50:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.03.24 16:44:57 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.24 16:35:59 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 16:35:59 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 16:28:52 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.03.24 16:06:14 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.03.24 15:53:58 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\vladimír\Desktop\OTM.exe
[2013.03.23 21:03:03 | 000,816,128 | ---- | M] () -- C:\Users\vladimír\Desktop\RogueKiller.exe
[2013.03.23 18:47:49 | 002,319,732 | ---- | M] () -- C:\Users\vladimír\Scan0002.tif
[2013.03.23 18:46:24 | 011,996,604 | ---- | M] () -- C:\Users\vladimír\Scan0001.tif
[2013.03.23 17:38:34 | 000,609,993 | ---- | M] () -- C:\Users\vladimír\Desktop\adwcleaner.exe
[2013.03.23 16:00:45 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2013.03.23 16:00:16 | 000,731,136 | ---- | M] () -- C:\Users\vladimír\Desktop\avenger.exe
[2013.03.23 15:59:36 | 000,724,952 | ---- | M] () -- C:\Users\vladimír\Desktop\avenger.zip
[2013.03.23 15:50:18 | 000,000,079 | ---- | M] () -- C:\Windows\System32\ssinstall-uninstall.bat
[2013.03.23 15:50:17 | 002,317,848 | ---- | M] () -- C:\Windows\System32\ssins.exe
[2013.03.23 15:09:57 | 000,781,383 | ---- | M] () -- C:\Users\vladimír\Desktop\RSIT.exe
[2013.03.22 00:06:43 | 000,061,440 | ---- | M] () -- C:\Users\vladimír\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.20 23:43:46 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.16 11:49:07 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.15 17:55:23 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2013.03.15 17:55:23 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2013.03.15 17:55:08 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.03.15 17:55:07 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.03.15 17:55:07 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.15 17:55:06 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.15 17:55:06 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.03.15 17:55:06 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.03.15 17:55:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.03.15 17:55:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.03.15 17:55:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.03.15 17:55:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.03.15 17:55:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.03.15 17:55:05 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.03.15 17:55:05 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.03.15 17:55:04 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.15 17:55:04 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.15 17:55:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.03.15 17:55:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.15 17:55:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.03.15 17:55:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.03.15 17:55:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.03.15 17:55:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.03.15 17:55:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.03.15 17:55:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.03.15 17:55:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.03.15 17:55:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.03.15 17:55:03 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.15 17:55:03 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.03.15 17:55:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.03.15 17:55:03 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.15 17:55:03 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.03.15 17:55:03 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.03.15 17:55:02 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.15 17:55:02 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.03.15 17:55:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.03.15 17:55:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.03.15 17:55:02 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.03.15 17:55:02 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.03.15 17:55:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.03.15 17:34:14 | 000,000,824 | ---- | M] () -- C:\Users\vladimír\Desktop\IrfanView.lnk
[2013.03.14 10:00:32 | 000,607,714 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.14 10:00:32 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.14 10:00:32 | 000,118,346 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.14 10:00:32 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.07 22:08:39 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.02.27 13:25:14 | 000,000,380 | ---- | M] () -- C:\Users\vladimír\Desktop\Obrázky.lnk
[2013.02.27 13:14:18 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

[zeleninka100]

========== Files Created - No Company Name ==========

[2013.03.27 10:46:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.24 16:36:03 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.23 21:03:03 | 000,816,128 | ---- | C] () -- C:\Users\vladimír\Desktop\RogueKiller.exe
[2013.03.23 18:47:48 | 002,319,732 | ---- | C] () -- C:\Users\vladimír\Scan0002.tif
[2013.03.23 18:46:23 | 011,996,604 | ---- | C] () -- C:\Users\vladimír\Scan0001.tif
[2013.03.23 17:38:33 | 000,609,993 | ---- | C] () -- C:\Users\vladimír\Desktop\adwcleaner.exe
[2013.03.23 16:00:45 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2013.03.23 15:59:33 | 000,724,952 | ---- | C] () -- C:\Users\vladimír\Desktop\avenger.zip
[2013.03.23 15:50:18 | 000,000,079 | ---- | C] () -- C:\Windows\System32\ssinstall-uninstall.bat
[2013.03.23 15:50:17 | 002,317,848 | ---- | C] () -- C:\Windows\System32\ssins.exe
[2013.03.23 15:09:57 | 000,781,383 | ---- | C] () -- C:\Users\vladimír\Desktop\RSIT.exe
[2013.03.20 23:43:46 | 000,000,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.20 23:43:46 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.15 17:55:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.03.07 22:08:40 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.07 22:08:39 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.02.27 13:25:14 | 000,000,380 | ---- | C] () -- C:\Users\vladimír\Desktop\Obrázky.lnk
[2013.02.27 13:14:18 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2013.02.27 13:14:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012.12.25 14:11:47 | 000,000,581 | ---- | C] () -- C:\Users\vladimír\AppData\Local\cookies.ini
[2012.06.13 11:18:36 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.08.11 22:41:03 | 000,000,680 | ---- | C] () -- C:\Users\vladimír\AppData\Local\d3d9caps.dat
[2011.06.02 14:01:53 | 000,001,041 | ---- | C] () -- C:\Users\vladimír\Nakupujte spotřební materiál HP.lnk
[2011.06.02 13:51:09 | 000,180,261 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011.05.03 21:53:32 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.07.27 15:01:39 | 000,000,000 | -H-- | C] () -- C:\Users\vladimír\hpothb07.tif
[2009.07.27 15:01:39 | 000,000,000 | -H-- | C] () -- C:\Users\vladimír\hpothb07.dat
[2009.06.17 10:34:20 | 000,061,440 | ---- | C] () -- C:\Users\vladimír\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.12 16:42:58 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.04.04 16:45:10 | 000,063,544 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.04.04 16:43:50 | 000,063,544 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.01.23 18:45:19 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Farm Mania
[2012.11.27 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\ICQ
[2012.03.10 19:12:11 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Product_RM
[2011.02.04 17:07:53 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\ProtectDISC
[2011.09.10 18:05:16 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Registry Mechanic
[2012.01.07 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Samsung

========== Purity Check ==========



========== Custom Scans ==========

< >
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.24 16:36:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 17:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2012.04.23 15:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2012.06.02 12:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\System32\cryptsvc.dll
[2012.06.02 01:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.01 23:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.02.08 05:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008.02.08 05:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[22 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\85e372d35fcb19fdacfc4d3029e65d06\*.tmp files -> C:\Windows\SoftwareDistribution\Download\85e372d35fcb19fdacfc4d3029e65d06\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2013.03.23 16:00:45 | 000,019,286 | ---- | M] () -- C:\cleanup.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.04.25 15:10:15 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Adobe
[2010.08.20 19:06:00 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\CyberLink
[2010.01.23 18:45:19 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Farm Mania
[2009.04.04 10:56:51 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Google
[2011.06.02 14:36:43 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\HP
[2011.05.10 10:50:52 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\HpUpdate
[2012.11.27 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\ICQ
[2009.03.12 11:09:47 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Identities
[2009.03.12 11:10:10 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Macromedia
[2013.03.23 18:52:38 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Media Center Programs
[2012.01.08 12:14:31 | 000,000,000 | --SD | M] -- C:\Users\vladimír\AppData\Roaming\Microsoft
[2012.01.26 15:08:23 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Mozilla
[2011.04.04 15:34:24 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Nero
[2012.03.10 19:12:11 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Product_RM
[2011.02.04 17:07:53 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\ProtectDISC
[2011.09.10 18:05:16 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Registry Mechanic
[2012.01.07 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Samsung
[2012.09.14 02:42:42 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Skype
[2011.12.30 13:51:14 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\skypePM
[2009.03.12 11:10:22 | 000,000,000 | ---D | M] -- C:\Users\vladimír\AppData\Roaming\Symantec

< %APPDATA%\*.exe /s >
[2013.02.11 15:13:26 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\vladimír\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x86.exe
[2011.12.27 23:21:22 | 000,371,088 | ---- | M] (ml) -- C:\Users\vladimír\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.01.10 10:02:20 | 000,601,968 | ---- | M] (ml) -- C:\Users\vladimír\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.27 10:35:10 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.27 10:35:10 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 16:06:14 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2013.03.24 16:35:59 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.03.24 16:35:59 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.03.27 10:35:26 | 000,000,000 | ---- | M] () -- C:\Windows\system32\sinstall.log

< %SYSTEMDRIVE%\*.exe >
[2013.03.23 16:00:45 | 000,019,286 | ---- | M] () -- C:\cleanup.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.27 10:46:18 | 000,000,512 | ---- | M] () MD5=FB10179CDF67A882F52D50A5907F1DDA -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.02.04 21:20:19 | 000,174,904 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.dds

< *keygen* /s >

< *loader* /s >
[2008.02.28 13:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2009.05.21 19:38:08 | 000,007,507 | ---- | M] () -- \Program Files\Hewlett-Packard\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.05.21 20:54:18 | 000,030,776 | ---- | M] () -- \Program Files\Hewlett-Packard\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.05.21 20:54:18 | 000,002,713 | ---- | M] () -- \Program Files\Hewlett-Packard\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2011.12.24 01:17:42 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.12.27 23:21:16 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2009.11.13 23:21:10 | 000,028,160 | ---- | M] () -- \Program Files\Virtools\3D Life Player\BuildingBlocks\CryptedLoader.dll
[2009.11.13 21:55:58 | 000,046,080 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\3dsLoader.dll
[2009.11.13 21:56:38 | 000,026,624 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\AscLoader.dll
[2009.11.13 22:01:52 | 000,118,784 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\JpgLoader.dll
[2009.11.13 22:02:30 | 000,094,208 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\PngLoader.dll
[2009.11.13 22:03:50 | 000,090,112 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\VirtoolsLoader.dll
[2009.11.13 22:08:16 | 000,110,592 | ---- | M] () -- \Program Files\Virtools\3D Life Player\Plugins\XLoader.dll
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.03.24 16:34:52 | 000,003,784 | ---- | M] () -- \Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HL8286WI\bundleloader[1].js
[2013.03.24 16:34:55 | 000,000,723 | ---- | M] () -- \Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZS2VTL\downloaderror[1].js
[2013.03.24 16:34:55 | 000,001,174 | ---- | M] () -- \Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKZS2VTL\downloader[1].js
[2013.03.24 16:16:07 | 000,002,545 | ---- | M] () -- \Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1ZA7FFXP\ajax-loader[1].gif
[2008.01.21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.07.05 08:21:22 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.08.18 07:02:24 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2008.04.17 11:34:23 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.04.17 11:34:23 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.04.17 11:34:23 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2010.08.14 14:09:21 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010.08.14 14:09:21 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010.08.14 14:09:21 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.01.21 03:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 03:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.04.17 11:33:01 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 03:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 03:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 03:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

[zeleninka100]

< *tnod* /s >
[2002.11.26 10:45:16 | 000,001,430 | ---- | M] () -- \Program Files\Aspyr\Tony Hawks Pro Skater 4 Demo\Game\data\anims\skater_misc\SitNod.ska.xbx

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.14 09:26:58 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:10 | 000,135,168 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\el\System.RunTime.Serialization.Resources.dll
[2009.05.21 17:57:00 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:10 | 000,135,168 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_el_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.12 22:33:42 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\385aa099c26f145e4ebebdebe26b155e\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.12 22:33:21 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\895899bb8c1772f2043de17305d7eb35\System.Runtime.Serialization.ni.dll
[2013.02.14 19:11:27 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.14 19:11:14 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.02.14 19:15:59 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2011.06.30 08:07:34 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.14 18:20:12 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.30 08:07:33 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.14 18:20:02 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.14 18:20:44 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\GAC20058\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\GAC20058\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\GAC20058\System.Xml.Serialization.dll
[2008.01.21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2008.04.17 11:34:04 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2006.11.02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\drivers\smserial.sys
[2008.04.17 11:33:45 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2008.04.17 11:33:45 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2010.08.14 14:09:27 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2010.08.14 14:09:27 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.04.17 11:34:23 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2010.08.14 14:09:49 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.06.23 03:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008.06.23 03:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.21 03:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008.06.23 03:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2010.04.12 19:45:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d.manifest
[2008.06.23 02:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2010.04.12 19:51:10 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c.manifest
[2009.04.10 23:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 19:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 17:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2010.04.12 20:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 16:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2008.04.17 11:32:25 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2008.04.17 11:36:30 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_el-gr_bb1eba0702d0c85e.manifest
[2006.11.02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.06.23 03:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008.08.14 06:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.08.14 06:38:29 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_el-gr_bb1a40b502d4b129.manifest
[2008.06.23 03:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008.08.14 06:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.08.14 06:23:17 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_el-gr_a45229c91c77295e.manifest
[2008.04.17 11:32:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.06.23 03:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008.08.14 09:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.08.14 09:52:22 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_el-gr_baf5256b0326bdca.manifest
[2010.04.12 18:23:06 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18457_en-us_baeee869032acb49.manifest
[2008.06.23 03:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008.08.14 08:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2008.08.14 08:22:51 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_el-gr_a42951af1ccc83c0.manifest
[2010.04.12 18:31:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22668_en-us_a4222b071cd15e98.manifest
[2009.04.11 10:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.12 23:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 22:12:52 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_el-gr_bad166750377b869.manifest
[2010.04.12 18:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 20:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 20:02:19 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_el-gr_bace9273037a3ab7.manifest
[2012.10.08 17:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2010.04.12 23:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 23:30:10 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_el-gr_a4098e2f1d19b079.manifest
[2010.04.12 19:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 17:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 17:37:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_el-gr_a4051a471d1dcd28.manifest
[2012.10.08 16:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2006.11.02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.06.23 03:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008.06.23 03:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.21 03:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008.06.23 03:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2010.04.12 19:44:39 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150.manifest
[2008.06.23 02:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2010.04.12 19:50:49 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f.manifest
[2009.04.10 23:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 19:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 17:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2010.04.12 20:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 16:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2006.11.02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.21 03:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.10 23:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.06.23 03:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008.06.23 03:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.21 03:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008.06.23 03:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2010.04.12 19:47:49 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92.manifest
[2008.06.23 03:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2010.04.12 19:53:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1.manifest
[2009.04.10 23:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 19:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 17:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2010.04.12 20:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 16:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2006.10.20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 18:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 03:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 18:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2008.04.17 11:33:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.04.17 11:33:59 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.06.20 02:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008.06.20 02:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008.06.20 02:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2010.04.12 13:20:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18457_none_d2272799b833601d\System.Runtime.Serialization.dll
[2008.06.20 02:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22668_none_bb5a6a37d1d9f36c\System.Runtime.Serialization.dll
[2009.02.18 19:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 13:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 12:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2010.04.12 13:22:02 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 11:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2008.04.17 11:33:50 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.04.17 11:37:56 | 000,122,880 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_el-gr_bb1eba0702d0c85e\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:10 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_el-gr_bb1a40b502d4b129\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:32 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_el-gr_a45229c91c77295e\System.RunTime.Serialization.Resources.dll
[2008.04.17 11:33:58 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:15 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_el-gr_baf5256b0326bdca\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:29 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_el-gr_a42951af1ccc83c0\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.04.16 08:46:49 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_el-gr_bad166750377b869\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.04.16 07:22:08 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_el-gr_bace9273037a3ab7\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.04.16 07:22:08 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_el-gr_a4098e2f1d19b079\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2009.04.16 07:22:08 | 000,135,168 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_el-gr_a4051a471d1dcd28\System.RunTime.Serialization.Resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.06.20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008.06.20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.21 03:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008.06.20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18457_none_026a5d33dfda6150\System.Runtime.Serialization.dll
[2008.06.20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22668_none_eb9d9fd1f980f49f\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2008.04.17 11:33:45 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.21 03:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008.04.17 11:33:39 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.04.17 11:34:01 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 19:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.04.17 11:33:44 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2008.04.17 11:34:04 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2008.01.21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.21 03:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008.04.17 11:33:50 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.04.17 11:37:56 | 000,122,880 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_el-gr_9e38f38b3cc581ae\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:10 | 000,135,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_el-gr_9e6909033ca2528b\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:32 | 000,135,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_el-gr_9eb6c7b855ec18ae\System.RunTime.Serialization.Resources.dll
[2008.04.17 11:33:58 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:15 | 000,135,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_el-gr_a05b17df39bfe0e2\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:29 | 000,135,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_el-gr_a0d1156652ebeb3c\System.RunTime.Serialization.Resources.dll
[2009.02.19 02:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2008.04.17 11:33:21 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.21 03:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008.04.17 11:33:45 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.21 03:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.06.20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008.06.20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.21 03:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008.06.20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2010.04.12 13:19:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18457_none_0745090120b0fb92\System.Runtime.Serialization.dll
[2008.06.20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22668_none_f0784b9f3a578ee1\System.Runtime.Serialization.dll
[2009.02.18 19:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 13:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2010.04.12 13:21:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 11:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:592D7272
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

[zeleninka100]

OTL Extras logfile created on: 27.3.2013 10:41:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vladimír\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 50,46% Memory free
5,70 Gb Paging File | 4,25 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 80,30 Gb Free Space | 53,88% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 139,07 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

Computer Name: DOMACI | User Name: vladimír | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanViewII\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{38334F5E-7069-4A1A-8BE3-B3C7E92EA8C4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3E90796C-71D0-4454-ABAA-FD1DCF24F256}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5B62FF6A-AEAD-43B9-8471-5A118CE08614}" = lport=445 | protocol=6 | dir=in | app=system |
"{77659D4F-CBE7-452E-BAA6-FD2931E6CBC6}" = rport=138 | protocol=17 | dir=out | app=system |
"{927C4252-055F-4D50-A444-B4DC9C568A1B}" = lport=138 | protocol=17 | dir=in | app=system |
"{B51EEA9E-373C-4DC7-B251-2281F7CCBE9A}" = lport=137 | protocol=17 | dir=in | app=system |
"{B64E6D23-DDCE-42BA-A700-7C340C7918A6}" = rport=445 | protocol=6 | dir=out | app=system |
"{D0B36403-3E76-44F1-B29B-B000ABA5D956}" = rport=137 | protocol=17 | dir=out | app=system |
"{D60D6B6F-C925-4443-8DDD-D84E1DDA9107}" = rport=139 | protocol=6 | dir=out | app=system |
"{E20C47CB-F16C-4C6E-80E9-D82B8E702619}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D2112D-6774-4184-AA4A-8C1230D43C34}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{041ED75D-3054-48BE-86D1-1D9EC9F57E65}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{05CCFA2F-373A-4938-AA7D-960966AD31D6}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0AA9D75B-18EB-4126-AF95-2CC5710E33E1}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{200748EB-461F-4346-8625-B5FF7F665AB9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{23119903-6770-4051-B36B-66B3B1286430}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{2C91666D-CCDD-4C32-B769-CE0C7A50B8D5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3C6F306D-AA26-4BD9-B70A-5BE37709E234}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4E5DE0E3-F3A6-4D1C-A162-582253D4572A}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqcopy2.exe |
"{4E635946-13B6-42C2-B9AE-DD30438EF020}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{53BA0FEF-2B49-41F8-9DCC-6FB1C6741C52}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpiscnapp.exe |
"{61A39F3D-C07A-4AE5-921F-D0B6D62A1E1B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{68C0EDB9-1AE2-4261-9A7D-864DB66E7C00}" = dir=in | app=c:\program files\hewlett-packard\hp software update\hpwucli.exe |
"{6A41EFD6-A534-421F-A862-7014837D51C0}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{719997C7-B876-4DFD-99FC-C071608FA4A2}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8113DA20-D504-49B0-8D48-39684FECED29}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpfccopy.exe |
"{87FEB870-2FA5-4F5C-8F82-4702FEF13253}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{8A158618-3D39-4E97-9EC7-1A4DEFE59631}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8ABE18C7-4F9B-4A2C-A299-4F34B2A83BD8}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{AECCD882-DB18-4BA0-AA74-928BC5BC8F6A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7E2B143-A20F-490A-B987-BA06A4059443}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\smart web printing\smartwebprintexe.exe |
"{CD86DC78-1139-47C6-B397-8FB5D02A8820}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqkygrp.exe |
"{CF0947A5-0B3E-4135-A7A4-F9F3D5770009}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{D1D64B0A-6931-4E66-84A0-BF72A10D1768}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hposid01.exe |
"{DEFE70A1-A622-4608-AA68-FC3746625188}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{F10BF9A4-BD89-43A1-90F0-C87A4ADCA1A9}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{F27819B9-E8BD-42AE-BDE1-29646E66282B}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{FF02D425-2E12-4E8F-BB7B-9032D211FFB1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{22DC3611-5B30-4FC7-BE96-A5DDBA6D3079}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{347C029B-A433-43D1-B91E-D0D1DF7C8A7B}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"TCP Query User{4635744F-C512-4A06-9364-57EF5DBC8C70}C:\program files\singles\singles.exe" = protocol=6 | dir=in | app=c:\program files\singles\singles.exe |
"TCP Query User{65CB0B3F-100A-43F4-BB3D-26A468221CB5}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{6B345FE5-1EE9-49A5-B22E-8BC2B4F09F2E}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{6E742D74-EDBC-4760-A21A-D475C4B65E3F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{89CF1541-9191-4E0C-8B65-285C589D0A89}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{9D31C169-1427-4DB7-A912-AB35D8AE4AF5}C:\games\game alarm\gamealarm.exe" = protocol=6 | dir=in | app=c:\games\game alarm\gamealarm.exe |
"TCP Query User{AB052763-69F0-49FC-B3EF-6C97840D85B1}C:\games\game alarm\gamealarm.exe" = protocol=6 | dir=in | app=c:\games\game alarm\gamealarm.exe |
"TCP Query User{BF88FB66-BAEB-45DE-9BC8-DE2BB79378C2}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{D93AA464-AD40-475F-9D94-30F85A1CE61E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{ED082EB6-D7D4-4E7D-94DB-8681CB5883F7}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{FF0A5CCA-462F-4B8D-9715-44198B76DD49}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{02C56EA1-BD3C-464D-B127-4788C94A6982}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{4C64DB6E-9897-45C8-BDF2-D79B0E27AF81}C:\games\game alarm\gamealarm.exe" = protocol=17 | dir=in | app=c:\games\game alarm\gamealarm.exe |
"UDP Query User{4D109DF9-D0CC-4998-91E2-2B4F165B4889}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{748A5CC7-D623-49E0-92EF-AA7479CC752E}C:\program files\singles\singles.exe" = protocol=17 | dir=in | app=c:\program files\singles\singles.exe |
"UDP Query User{74D33743-9D16-40CB-87FD-D5BF2C9FD488}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{7CECE9A4-3EB5-4409-B514-E45E0700F49A}C:\games\game alarm\gamealarm.exe" = protocol=17 | dir=in | app=c:\games\game alarm\gamealarm.exe |
"UDP Query User{7EF7CCCD-AEF8-4D7F-8D48-A26A08C73C8B}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{88ADCF37-F443-4FC9-ABF4-2BC6AADA3791}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"UDP Query User{89024D08-606E-4F22-9141-E1B281330513}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9C226C0F-F953-44E6-BBED-88EEC7579C8B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{AEAD205C-D31F-45B8-9527-8DDCBFCEE47E}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{AF1B73E9-5904-4DE0-B52F-F33181E342E5}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{DB1D6477-FE62-4E03-A34E-4A3CB30E8547}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01161F64-6897-4885-93A0-A9F7BE9A4253}" = hp psc 1100 series
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1D975A5E-1126-4F46-A423-41781934A63E}" = JuicyAccess Toolbar
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DEBA8AA-3FC2-4867-AD29-4CE4A95E1029}" = Nero 8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CB8556C-36B2-40D4-A73A-4ACBAFC8C72D}" = Tony Hawks Pro Skater 4 Demo
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One ovladač
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Zpracování fotografií a obrázků HP 2.0 - All-in-One
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A23E5590-6799-437B-9723-2627BA800B6F}" = Dolby Control Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D7AF66D9-BC29-4EA1-A39F-32DF5A03B2EC}" = Freak Out Extreme Freeride Demo
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"3GP Player_is1" = 3GP Player 1.1.5
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"avast" = avast! Free Antivirus
"GamersFirst LIVE!" = GamersFirst LIVE!
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP PSC 1100 Series" = Zpracování fotografií a obrázkù HP 2.0 - HP psc 1100
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"Shop for HP Supplies" = Shop for HP Supplies
"ssinstall" = Seznam Instalátor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"WMMA2" = WMMA2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gamealarm-DEFAULT" = Game Alarm
"sc11-CH_SF" = Ski Challenge 11 (SF)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.10.2011 18:10:08 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 21.10.2011 5:49:14 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 21.10.2011 9:14:23 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 21.10.2011 18:48:20 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 22.10.2011 14:47:21 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2011 5:35:32 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2011 9:04:59 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2011 16:35:06 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 24.10.2011 6:28:36 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

Error - 24.10.2011 15:33:53 | Computer Name = domaci | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 23.3.2013 11:07:36 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 23.3.2013 12:38:13 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 23.3.2013 13:06:01 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 23.3.2013 15:49:06 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 23.3.2013 16:02:27 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 24.3.2013 10:43:37 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 24.3.2013 10:55:23 | Computer Name = domaci | Source = Service Control Manager | ID = 7034
Description =

Error - 24.3.2013 11:09:17 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 24.3.2013 11:33:01 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 27.3.2013 5:38:20 | Computer Name = domaci | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
[2013.02.25 14:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[22 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\85e372d35fcb19fdacfc4d3029e65d06\*.tmp files -> C:\Windows\SoftwareDistribution\Download\85e372d35fcb19fdacfc4d3029e65d06\*.tmp -> ]
[1 C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\*.tmp files -> C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:592D7272
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[zeleninka100]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: Public

User: vladimír
->Temp folder emptied: 31443040 bytes
->Temporary Internet Files folder emptied: 8499952 bytes
->FireFox cache emptied: 3376652 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1430750 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 43,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: vladimír
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner\mcuicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SecurityScan_Inner folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\Au_ folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McLightInstaller\McUICnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McLightInstaller folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\Common\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\Common folder moved successfully.
C:\ProgramData\McAfee\MCLOGS folder moved successfully.
C:\ProgramData\McAfee folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3207.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50DD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP542A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CC2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP693D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AF4.tmp\System.Data.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AF4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BDC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6EE9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP733C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81BE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9388.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB51B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7DA.tmp\System.Web.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7DA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD152.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE5AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD92.tmp folder deleted successfully.
C:\Windows\Installer\MSI453.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\85e372d35fcb19fdacfc4d3029e65d06\BIT54EA.tmp deleted successfully.
File delete failed. C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\hpqgends.tmp scheduled to be deleted on reboot.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\ProgramData\Temp:592D7272 deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03282013_094819

Files\Folders moved on Reboot...
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C9RUVQGL\ads[3].htm moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C9RUVQGL\afr[1].htm moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C9RUVQGL\si[2].htm moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C9RUVQGL\viewtopic[1].htm moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C9RUVQGL\zrt_lookup[1].htm moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\vladimír\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP00000016232F388CAD8A5D45 not found!
File move failed. C:\Windows\System32\DriverStore\FileRepository\hposcu08.inf_6b5c1a40\drivers\scanner\hpqgends.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Nastala nejaka zmena?

[zeleninka100]

Pořád je pomalý net a když je notebook ve spáku tak nejde dát do pohovostního režimu.

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[zeleninka100]

ComboFix 13-03-27.01 - vladimír 28.03.2013 12:00:35.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2814.1725 [GMT 1:00]
Spuštěný z: c:\users\vladimÝr\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-28 )))))))))))))))))))))))))))))))
.
.
2013-03-28 11:12 . 2013-03-28 11:12 -------- d-----w- c:\users\vladimír\AppData\Local\temp
2013-03-28 11:12 . 2013-03-28 11:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-28 09:20 . 2013-03-28 09:20 -------- d-----w- c:\users\vladimír\AppData\Local\GHISLER
2013-03-28 09:15 . 2013-03-28 09:15 -------- dc----w- C:\totalcmd
2013-03-28 09:15 . 2013-03-28 09:15 -------- d-----w- c:\users\vladimír\AppData\Roaming\GHISLER
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\UC.PIF
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\RAR.PIF
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\PKZIP.PIF
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\PKUNZIP.PIF
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\LHA.PIF
2013-03-28 09:15 . 2012-08-03 07:01 545 ----a-w- c:\windows\ARJ.PIF
2013-03-28 08:54 . 2013-03-28 08:54 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2013-03-28 08:54 . 2013-03-28 08:54 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2013-03-28 08:54 . 2013-03-28 08:54 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2013-03-28 08:54 . 2013-03-28 08:54 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2013-03-28 08:54 . 2013-03-28 08:54 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2013-03-28 08:54 . 2013-03-28 08:54 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2013-03-28 08:54 . 2013-03-28 08:54 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2013-03-28 08:54 . 2013-03-28 08:54 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2013-03-28 08:53 . 2013-03-28 08:53 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2013-03-28 08:53 . 2013-03-28 08:53 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2013-03-28 08:53 . 2013-03-28 08:53 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2013-03-28 08:53 . 2013-03-28 08:53 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2013-03-28 08:53 . 2013-03-28 08:53 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2013-03-28 08:53 . 2013-03-28 08:53 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2013-03-28 08:53 . 2013-03-28 08:53 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2013-03-28 08:53 . 2013-03-28 08:53 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2013-03-28 08:53 . 2013-03-28 08:53 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2013-03-28 08:48 . 2013-03-28 08:48 -------- dc----w- C:\_OTL
2013-03-27 09:46 . 2013-03-27 09:46 512 -c--a-w- C:\PhysicalMBR.bin
2013-03-27 09:43 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A664691D-71F3-4B66-953E-CED82795CE41}\mpengine.dll
2013-03-24 15:35 . 2013-03-24 15:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-24 15:35 . 2013-03-24 15:35 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-24 14:55 . 2013-03-24 14:55 -------- dc----w- C:\_OTM
2013-03-23 17:52 . 2013-03-23 17:52 -------- d-----w- c:\users\vladimír\AppData\Roaming\Malwarebytes
2013-03-23 17:52 . 2013-03-23 17:52 -------- d-----w- c:\programdata\Malwarebytes
2013-03-23 15:00 . 2013-03-23 15:00 19286 -c--a-w- C:\cleanup.exe
2013-03-23 14:50 . 2013-03-23 14:50 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2013-03-23 14:50 . 2013-03-23 14:50 2317848 ----a-w- c:\windows\system32\ssins.exe
2013-03-23 14:11 . 2013-03-24 15:28 -------- d-----w- c:\program files\trend micro
2013-03-23 14:11 . 2013-03-23 14:13 -------- dc----w- C:\rsit
2013-03-21 19:41 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-20 22:43 . 2013-03-21 09:54 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-03-17 20:26 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-03-15 17:03 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2013-03-15 16:58 . 2013-03-15 16:58 -------- d-----w- c:\program files\NVIDIA Corporation
2013-03-07 21:08 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-07 21:08 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-28 08:53 . 2009-03-12 10:04 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-03-06 23:33 . 2011-06-11 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2009-04-29 10:20 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2009-04-29 10:20 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2009-04-29 10:20 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-01-26 14:30 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2009-04-29 10:20 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-06-11 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2009-04-29 10:20 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-18 08:22 . 2013-02-18 08:22 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2013-02-18 08:22 . 2013-02-18 08:22 67432 ----a-w- c:\windows\system32\nvapo32v.dll
2013-02-18 08:22 . 2013-02-18 08:22 28008 ----a-w- c:\windows\system32\nvhdap32.dll
2013-02-18 08:22 . 2013-02-18 08:22 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2013-01-17 00:28 . 2009-10-03 15:33 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:26 . 2013-02-13 10:47 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:26 . 2013-02-13 10:47 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 11:28 . 2013-02-13 10:47 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38 . 2013-02-13 10:47 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-03-20 23:11 . 2013-03-20 22:43 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-12 6265376]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-11-18 3054136]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 18:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-16 10:43 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\vladimír\AppData\Roaming\Mozilla\Firefox\Profiles\flwl4y5x.default\
FF - prefs.js: keyword.URL -
FF - ExtSQL: 2013-03-07 22:08; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-03-20 23:44; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\vladimír\AppData\Roaming\Mozilla\Firefox\Profiles\flwl4y5x.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: !HIDDEN! 2011-06-02 15:03; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-USB2.0 1.3M UVC WebCam - c:\windows\Uninstall.exe
AddRemove-{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1 - c:\program files\SiteRanker\unins000.exe
AddRemove-{1D975A5E-1126-4F46-A423-41781934A63E} - c:\programdata\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-28 12:12
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-03-28 12:15:28
ComboFix-quarantined-files.txt 2013-03-28 11:15
.
Před spuštěním: Volných bajtů: 85 461 553 152
Po spuštění: Volných bajtů: 85 401 989 120
.
- - End Of File - - 2B8168E2632C0FF584A7E5FF898EB1F2

[Márty84]

Najdete tento soubor c:\windows\system32\acovcnt.exe a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.