Preventivka mojeho PC

Zpráva

#16 Příspěvek od **Márty84** » 03 kvě 2014 13:14

Vypnete trvale Windows Defender

Presunte ComboFix na plochu, jinak to nebude fungovat.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\SysWow64\mnccrssr.vbe
c:\windows\SysWow64\mncgllsx.vbe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mncgllsxSrv"=-
"mnccrssrSrv"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

toox · #17 Příspěvek od **toox** » 03 kvě 2014 14:50

Defender Aktualizoval a vypl !

nejsem si jist jestli se to smazalo žadné načítání rozdílné od toho prvního nebylo ale udělal sem vše podle rad a ne poprvé
ComboFix 14-04-30.01 - Honza 03.05.2014 15:26:10.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2671 [GMT 2:00]
Spuštěný z: c:\users\Honza\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\mnccrssr.vbe"
"c:\windows\SysWow64\mncgllsx.vbe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-03 do 2014-05-03 )))))))))))))))))))))))))))))))
.
.
2014-05-03 13:31 . 2014-05-03 13:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-05-03 13:31 . 2014-05-03 13:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-03 13:20 . 2014-04-17 03:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6968FADA-D009-4601-AA8C-0BE3095CEFA8}\mpengine.dll
2014-05-02 22:25 . 2014-05-02 22:25 -------- d-----w- c:\users\Honza\AppData\Local\CrashDumps
2014-05-02 15:56 . 2014-05-03 11:25 -------- d-----w- C:\AdwCleaner
2014-05-02 11:42 . 2014-05-02 11:42 -------- d-----w- C:\rsit
2014-04-24 09:23 . 2014-04-24 09:25 -------- d-----w- c:\users\Honza\AppData\Roaming\.minecraft
2014-04-24 06:43 . 2014-04-24 06:43 943044 ----a-w- c:\windows\SysWow64\scrypt130511GeForce GTX 460glg2tc1984w256l4.bin
2014-04-23 14:16 . 2014-03-05 20:19 7670 --s-a-w- c:\windows\SysWow64\mnccrssr.vbe
2014-04-23 14:16 . 2014-04-23 14:16 -------- d-----w- c:\program files (x86)\Minecraft free launcher
2014-04-23 14:15 . 2014-03-05 21:19 7670 --s-a-w- c:\windows\SysWow64\mncgllsx.vbe
2014-04-23 14:15 . 2014-04-23 14:16 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-04-23 14:15 . 2013-10-26 18:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2014-04-23 14:15 . 2013-10-26 18:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-04-23 14:15 . 2013-10-26 18:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-04-23 14:15 . 2013-10-26 18:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2014-04-23 14:15 . 2013-10-26 18:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-04-23 14:15 . 2013-06-12 13:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-04-23 14:15 . 2013-06-12 13:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-04-23 14:15 . 2012-05-26 23:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-04-23 14:15 . 2013-10-26 18:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-04-23 14:15 . 2012-09-25 21:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2014-04-15 18:12 . 2014-04-15 18:12 61112 ----a-w- c:\windows\system32\drivers\wStLibG64.sys
2014-04-15 16:55 . 2014-04-15 16:55 -------- d-----w- c:\program files (x86)\WebSpades
2014-04-15 16:43 . 2014-04-15 16:43 -------- d-----w- c:\programdata\Copernic
2014-04-15 16:43 . 2014-04-15 16:43 -------- d-----w- c:\users\Honza\AppData\Roaming\Copernic
2014-04-15 16:38 . 2014-04-15 16:43 -------- d-----w- c:\users\Honza\AppData\Local\Copernic
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\program files (x86)\VstPlugins
2014-04-11 19:19 . 2013-03-12 10:47 1431552 ----a-w- c:\windows\SysWow64\rewire.dll
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\users\Honza\AppData\Roaming\Image-Line
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\program files\Image-Line
2014-04-11 19:19 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\users\Honza\AppData\Roaming\FlowStone
2014-04-11 19:19 . 2014-04-11 19:19 -------- d-----w- c:\program files (x86)\DSPRobotics
2014-04-11 19:16 . 2014-04-11 19:19 -------- d-----w- c:\program files (x86)\Image-Line
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-02 08:06 . 2013-07-22 09:19 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-02 08:06 . 2013-07-22 09:19 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-10 13:01 . 2012-12-27 22:23 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-04-10 13:01 . 2013-01-12 18:59 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-10 13:01 . 2012-12-27 22:23 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-31 07:35 . 2012-12-27 18:30 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-29 19:08 . 2014-03-29 19:08 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-03-29 19:08 . 2014-03-29 19:08 43152 ----a-w- c:\windows\avastSS.scr
2014-03-29 19:08 . 2013-03-22 19:50 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-03-29 19:08 . 2013-03-22 19:50 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-03-29 19:08 . 2012-12-27 18:32 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-03-29 19:08 . 2012-12-27 18:32 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-03-29 19:08 . 2012-12-27 18:32 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-03-29 19:08 . 2012-12-27 18:32 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-03-29 19:08 . 2012-12-27 18:32 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-05 20:36 . 2014-03-03 16:49 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-03-05 20:36 . 2014-03-03 16:49 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-03-05 20:36 . 2014-03-03 16:49 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-03-05 20:36 . 2014-03-03 16:49 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-03-04 14:35 . 2014-03-12 11:34 947808 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2014-03-12 11:34 832936 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-03-04 14:35 . 2014-03-12 11:34 18302384 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2014-03-12 11:34 15783992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2014-03-12 11:34 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-03-04 14:35 . 2014-03-12 11:34 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-03-04 14:35 . 2014-03-12 11:34 31474976 ----a-w- c:\windows\system32\nvoglv64.dll
2014-03-04 14:35 . 2014-03-12 11:34 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-03-04 14:35 . 2014-03-12 11:34 23716640 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-03-04 14:35 . 2014-03-12 11:34 12708128 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-03-04 14:35 . 2014-03-12 11:34 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-03-04 14:35 . 2014-03-12 11:34 892704 ----a-w- c:\windows\system32\NvIFR64.dll
2014-03-04 14:35 . 2014-03-12 11:34 877856 ----a-w- c:\windows\system32\NvFBC64.dll
2014-03-04 14:35 . 2014-03-12 11:34 863064 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-03-04 14:35 . 2014-03-12 11:34 846168 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-03-04 14:35 . 2014-03-12 11:34 1885472 ----a-w- c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-12 11:34 174296 ----a-w- c:\windows\system32\nvinitx.dll
2014-03-04 14:35 . 2014-03-12 11:34 1516488 ----a-w- c:\windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 . 2014-03-12 11:34 148016 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-03-04 14:35 . 2014-03-12 11:34 9728064 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-03-04 14:35 . 2014-03-12 11:34 3143456 ----a-w- c:\windows\system32\nvcuvid.dll
2014-03-04 14:35 . 2014-03-12 11:34 3093280 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2014-03-12 11:34 2958792 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-03-04 14:35 . 2014-03-12 11:34 2783008 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-12 11:34 2715264 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2014-03-12 11:34 25255256 ----a-w- c:\windows\system32\nvcompiler.dll
2014-03-04 14:35 . 2014-03-12 11:34 2411976 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-12 11:34 17755424 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2014-03-12 11:34 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-03-04 14:35 . 2014-03-12 11:34 14709720 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2014-03-12 11:34 11636176 ----a-w- c:\windows\system32\nvcuda.dll
2014-03-04 13:06 . 2014-03-12 11:38 6714312 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2014-03-12 11:38 3497816 ----a-w- c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2014-03-12 11:38 64968 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2014-03-12 11:38 922968 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2014-03-12 11:38 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2014-03-12 11:38 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2014-03-12 11:38 3649185 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-09 14:24 . 2014-02-09 14:24 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-05 09:31 . 2014-02-20 10:07 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2014-02-20 10:07 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-29 3854640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-29 19:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 2345848]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 8.8.8.8 62.129.50.20
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
.
**************************************************************************
.
Celkový čas: 2014-05-03 15:36:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-03 13:36
ComboFix2.txt 2014-05-03 11:45
.
Před spuštěním: Volných bajtů: 503 727 321 088
Po spuštění: Volných bajtů: 503 349 997 568
.
- - End Of File - - 4A51BF62572DB848A9B43FD4E9D1B495
A36C5E4F47E84449FF07ED3517B43A31

#18 Příspěvek od **Márty84** » 03 kvě 2014 15:02

Postupujte podle navodu kolegy

vyosek píše: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
Ulozte nejlepe na Plochu a rozbalte

Spustte kliknutim na mbar

Nyni postupne kliknete na Next a Update

Po dokonceni update (aktualizace) databaze kliknete opet na Next

Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC

Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko

Tez zkontrolujte, jetsli je zatrzitko u Create Restore point

Nyni kliknete na CleanUp cimz nalezenou infekci odstranime

PC bude restartovan

Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

toox · #19 Příspěvek od **toox** » 03 kvě 2014 15:15

No malware found !

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.064000 GHz
Memory total: 4286046208, free: 2462736384

Downloaded database version: v2014.05.03.04
Downloaded database version: v2014.03.27.01
Initializing...
======================
------------ Kernel report ------------
05/03/2014 16:06:55
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\jraid.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\lvbflt64.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\lvrs64.sys
\SystemRoot\system32\DRIVERS\lvuvc64.sys
\SystemRoot\system32\drivers\kbdhid.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\DRIVERS\xusb21.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\Drivers\PROCEXP113.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\urlmon.dll
\Windows\System32\oleaut32.dll
\Windows\System32\gdi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\lpk.dll
\Windows\System32\advapi32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\shlwapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\usp10.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shell32.dll
\Windows\System32\psapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\ole32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\user32.dll
\Windows\System32\msctf.dll
\Windows\System32\wininet.dll
\Windows\System32\imm32.dll
\Windows\System32\nsi.dll
\Windows\System32\sechost.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\devobj.dll
\Windows\System32\wintrust.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8005a1e060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007b\
Lower Device Object: 0xfffffa8005b20060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8005a1f060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007a\
Lower Device Object: 0xfffffa8005a88b60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8005a84060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000079\
Lower Device Object: 0xfffffa8005b12060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8005b1e060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000078\
Lower Device Object: 0xfffffa8005b0c060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004606060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa80041fd060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004606060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80046052a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004606060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80041d7810, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80041fd060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F2C3E95

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 1953314816

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8005b1e060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b20690, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005b1e060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b0c060, DeviceName: \Device\00000078\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8005a84060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b1eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005a84060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b12060, DeviceName: \Device\00000079\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005a1f060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005a84b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005a1f060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005a88b60, DeviceName: \Device\0000007a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa8005a1e060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005a1fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005a1e060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005b20060, DeviceName: \Device\0000007b\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

#20 Příspěvek od **Márty84** » 03 kvě 2014 16:08

Dejte novy log z RSIT

toox · #21 Příspěvek od **toox** » 03 kvě 2014 16:18

Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2014-05-03 17:16:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 480 GB (50%) free of 954 GB
Total RAM: 4087 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:16:48, on 3.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5874 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1878025038-703306295-961210660772342371343108910-1085266844-470211820-250062847
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e28f6411-890c-49af-84cc-791038c9ebab -SystemEventPortName:HostProcess-ec30d5f9-e658-45e2-8a1b-88f07b3af4da -IoCancelEventPortName:HostProcess-476fcaea-5af4-4709-80f6-14f3001fc6a1 -NonStateChangingEventPortName:HostProcess-9eecbf67-e7ca-49c8-8175-fb9f5d6e3244 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b696f959-02c2-4f64-a4a0-3075eea07574 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\explorer.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"
"C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2428.1d838590.604570133 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2428 "\\.\pipe\gecko-crash-server-pipe.2428" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe" --proxy-stub-channel=Flash484.60C77F48.16967 --host-broker-channel=Flash484.60C77F48.15898 --host-pid=484 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe" --channel=468.0026F5C4.961501603 --proxy-stub-channel=Flash484.60C77F48.16967 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\
youtubemp3podcaster@jeremy.d.gregorio.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-09 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-02-05 1179576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"BitTorrent"=C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-04-30 900696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe -CU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20924064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-03-29 3854640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-05-03 16:06:55 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-03 16:06:55 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-03 16:06:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-03 15:36:33 ----A---- C:\ComboFix.txt
2014-05-03 15:33:27 ----SHD---- C:\$RECYCLE.BIN
2014-05-03 13:31:30 ----A---- C:\Windows\zip.exe
2014-05-03 13:31:30 ----A---- C:\Windows\SWSC.exe
2014-05-03 13:31:30 ----A---- C:\Windows\SWREG.exe
2014-05-03 13:31:30 ----A---- C:\Windows\sed.exe
2014-05-03 13:31:30 ----A---- C:\Windows\PEV.exe
2014-05-03 13:31:30 ----A---- C:\Windows\NIRCMD.exe
2014-05-03 13:31:30 ----A---- C:\Windows\MBR.exe
2014-05-03 13:31:30 ----A---- C:\Windows\grep.exe
2014-05-03 13:31:22 ----D---- C:\Qoobox
2014-05-03 13:31:07 ----D---- C:\Windows\erdnt
2014-05-02 17:56:28 ----D---- C:\AdwCleaner
2014-05-02 13:42:49 ----D---- C:\rsit
2014-04-25 09:36:58 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-04-24 11:23:17 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-04-23 16:16:40 ----D---- C:\Program Files (x86)\Minecraft free launcher
2014-04-23 16:15:09 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-04-23 16:15:09 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-04-23 16:15:08 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-04-23 16:15:08 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-04-15 20:12:31 ----A---- C:\Windows\system32\drivers\wStLibG64.sys
2014-04-15 18:55:51 ----D---- C:\Program Files (x86)\WebSpades
2014-04-15 18:43:06 ----D---- C:\Users\Honza\AppData\Roaming\Copernic
2014-04-15 18:43:06 ----D---- C:\ProgramData\Copernic
2014-04-11 21:19:59 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2014-04-11 21:19:50 ----D---- C:\Program Files (x86)\VstPlugins
2014-04-11 21:19:50 ----A---- C:\Windows\SYSWOW64\rewire.dll
2014-04-11 21:19:32 ----D---- C:\Users\Honza\AppData\Roaming\Image-Line
2014-04-11 21:19:30 ----D---- C:\Program Files\Image-Line
2014-04-11 21:19:15 ----D---- C:\Users\Honza\AppData\Roaming\FlowStone
2014-04-11 21:19:14 ----D---- C:\Program Files (x86)\DSPRobotics
2014-04-11 21:16:02 ----D---- C:\Program Files (x86)\Image-Line

======List of files/folders modified in the last 1 month======

2014-05-03 17:16:48 ----D---- C:\Program Files\trend micro
2014-05-03 17:16:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-05-03 16:45:23 ----D---- C:\Windows\Temp
2014-05-03 16:06:55 ----D---- C:\Windows\system32\drivers
2014-05-03 16:06:55 ----D---- C:\ProgramData
2014-05-03 15:37:20 ----D---- C:\Windows\System32
2014-05-03 15:37:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-03 15:33:30 ----D---- C:\Windows
2014-05-03 15:33:30 ----A---- C:\Windows\system.ini
2014-05-03 15:33:14 ----D---- C:\Windows\system32\drivers\etc
2014-05-03 15:32:03 ----D---- C:\Windows\system32\config
2014-05-03 15:29:23 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-03 15:29:23 ----D---- C:\Windows\SysWOW64
2014-05-03 15:29:23 ----D---- C:\Windows\AppPatch
2014-05-03 15:29:22 ----D---- C:\Program Files (x86)\Common Files
2014-05-03 15:19:54 ----SHD---- C:\System Volume Information
2014-05-02 20:33:21 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-05-02 18:46:07 ----RD---- C:\Program Files
2014-05-02 18:46:07 ----D---- C:\Windows\system32\Tasks
2014-05-02 18:45:36 ----D---- C:\Config.Msi
2014-05-02 18:44:57 ----SHD---- C:\Windows\Installer
2014-05-02 18:42:07 ----D---- C:\Windows\inf
2014-05-02 18:12:43 ----D---- C:\Windows\system32\DriverStore
2014-05-02 18:12:43 ----D---- C:\Windows\system32\catroot
2014-05-02 18:02:48 ----D---- C:\Windows\Prefetch
2014-05-02 18:02:47 ----RD---- C:\Program Files (x86)
2014-05-02 16:51:10 ----D---- C:\Windows\system32\catroot2
2014-05-02 16:49:09 ----D---- C:\Windows\Tasks
2014-05-02 10:06:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-28 20:28:19 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-04-23 19:41:40 ----D---- C:\TEMP
2014-04-17 11:59:54 ----D---- C:\Windows\winsxs
2014-04-16 10:20:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-15 18:37:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-14 23:25:30 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-04-14 23:25:29 ----D---- C:\Windows\Logs
2014-04-11 14:01:59 ----D---- C:\Program Files (x86)\Activision
2014-04-10 15:01:50 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-04-10 15:01:42 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-04-10 14:41:48 ----D---- C:\Users\Honza\AppData\Roaming\GarenaPlus
2014-04-10 14:41:48 ----D---- C:\ProgramData\GarenaMessenger
2014-04-10 14:41:34 ----D---- C:\Program Files (x86)\Garena Plus

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-03-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-03-29 208928]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-03-29 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-03-29 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-03-29 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-03-29 79184]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-03-29 84816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-03-29 50344]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-10 76888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-02 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-20 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#22 Příspěvek od **Márty84** » 03 kvě 2014 16:28

Jeste jeden sken a budem mazat.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

toox · #23 Příspěvek od **toox** » 03 kvě 2014 17:13

OTL Extras logfile created on: 3.5.2014 17:35:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,99% Memory free
7,98 Gb Paging File | 5,95 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 468,76 Gb Free Space | 50,33% Space Free | Partition Type: NTFS

Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2547633F-FD1E-4D14-A6AE-C50BBC1797B7}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{36998759-E3CA-4EA2-8EE5-637867CAE303}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6818BDFA-4EDB-4138-BC67-F85CF1EEEE3A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{946CF733-5FDF-44EF-8E8A-1970B28D8CC1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\outlook.exe |
"{CA642421-C042-4D1A-ACCD-5FC8A1A802BC}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F0E801B1-D52E-4E49-BF7D-7701C087653A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{FF9A42B2-927B-44F1-8C5B-21650BE29C3F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057CD502-064F-4D93-8115-BC4ED7ADF3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{16452542-C4F7-4E6C-9F84-AE26BD00BB72}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_dx11_game.exe |
"{37A887D9-D671-49AB-BB64-2EF1B88CFD7F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe |
"{3C4FC53B-B2B4-465D-823D-B056CBCC8114}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{49D64E06-A434-4D3E-A352-2524E369E510}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{56422133-A2FB-4AC7-BEDF-20DAE9A4B4E1}" = protocol=6 | dir=in | app=c:\program files (x86)\nfs mw 12\need for speed most wanted 2012\nfs13.exe |
"{5739205F-0198-402C-A455-868278D6CF54}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{66FEE370-87F1-4C8C-9FBF-881264F2DA02}" = dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"{69FEC0A3-35B2-4593-845A-7901D3BFD665}" = protocol=17 | dir=in | app=c:\users\honza\appdata\roaming\bittorrent\bittorrent.exe |
"{7DEE2606-27E4-4626-BEA3-FE6E0F0B8F53}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{81277BB2-4BEC-4F55-9980-D0B5863C6C6E}" = protocol=6 | dir=in | app=c:\users\honza\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{820EF4D3-217C-43B3-BC6B-3443FB50C3D4}" = dir=in | app=c:\program files (x86)\garena plus\ggdllhost.exe |
"{8EB0245B-A74F-4E32-A2CB-39F5CDD16F2B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_dx11_game.exe |
"{9625FB99-5145-4D72-A770-E9133081B2F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\blacklist_launcher.exe |
"{A21203EF-E766-4B90-9813-5C3AF42BF8A0}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{A5A53FA4-A759-41FA-8F69-DB5A04B7B445}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k14\nba2k14.exe |
"{A8F53C45-B545-45A7-991F-D453DCE2072C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B7BA82E5-264B-4132-9AC4-3EB42122AC14}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{BE887F4E-4C34-44C0-BCFD-592A6A43E4D1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C014F719-C459-4B62-9065-33D751911CBE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe |
"{C1D360C5-278B-4A67-83D3-0BD91CE2E82A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C1F6A90A-A22F-4AB9-BC20-5B4538D937A9}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D55BA0FB-08F5-4DB2-BA5D-FCD3C101DBF2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\gu.exe |
"{D9793D20-AEF0-431C-B739-912788D06965}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DBCE76CF-75D0-495D-9199-7B330F71715E}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{E57ABE73-5904-4601-849C-1A536D8C563B}" = dir=in | app=c:\windows\syswow64\rundll32.exe |
"{EA1C24C6-D95C-4585-A048-136474646EEB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{EAC13163-F2D0-461D-B50F-76360A23FDBC}" = protocol=17 | dir=in | app=c:\users\honza\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{EAF4BF82-E935-470E-B877-CA2A2D0F19EC}" = protocol=6 | dir=in | app=c:\users\honza\appdata\roaming\bittorrent\bittorrent.exe |
"{ED531F6A-6295-4579-AA6D-A200617A8BDA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\gu.exe |
"{F6A45BF9-AA2E-4681-B08F-EC1887BA54C0}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k14\nba2k14.exe |
"{F6A57AAC-3DD0-4937-B3A9-90CCA77422CC}" = protocol=17 | dir=in | app=c:\program files (x86)\nfs mw 12\need for speed most wanted 2012\nfs13.exe |
"{F984B721-652B-49FD-A833-CB7916E13FA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{FB11E40E-4B30-4ED0-A135-38C94C912C7E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{FCE10FCF-515A-402E-8984-4B968664493F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\blacklist_launcher.exe |
"{FF4AA53D-91D8-4D05-BD23-1844254BD976}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"TCP Query User{5C85D8C1-D972-4E3A-B8C3-825999DF5E0D}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{742D6BFA-7CD1-455F-9EDF-A33346D07820}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{80226EDF-CA62-4C09-8676-1C4C58122382}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{8C334242-962B-4D4D-9B4E-2E6C18C0F9CF}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{AC890508-A04B-49E7-A5AE-E82773934AE8}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"TCP Query User{AD4A209E-BA14-4599-A47F-9F7FD3462180}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"TCP Query User{C9928B1A-FB63-4298-B3E8-62406711023F}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{CE942AD7-EE5D-431D-999B-6DEC4C42B4E1}C:\program files\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe |
"TCP Query User{D01E023D-76A9-406F-B084-306AC9F08487}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe |
"TCP Query User{E807C801-7956-431D-ACDD-8241CC6AF180}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe |
"TCP Query User{FFB05FF6-0F38-431A-A18A-7DF39DE4E36A}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{047486DE-B09D-4F4F-AAB5-B7ED09202152}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe |
"UDP Query User{0C26E5D9-10ED-426F-A111-BDFE084888D3}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{217BD54A-ED1C-4549-9164-2DB219E143F5}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{404A19BF-E29F-48E5-9C9C-8DF92D0BC1E3}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe |
"UDP Query User{540FFC3D-0512-447A-A1F7-5BA042B88E66}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{6FA5CC03-7A76-4301-AC38-D36530DC5B05}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{76C76728-E4E7-4132-9BF8-2215D71EB41B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{79AF41D9-8DA3-41ED-8AE3-50B9F948FEF5}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"UDP Query User{7FBDDC72-4A10-4808-B68E-01D0C5417B59}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{F70775A6-E40D-4D83-B7FC-ED8298178B0C}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"UDP Query User{FA2E753C-4E44-4754-9D4B-B143796A390A}C:\program files\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{083808D6-6235-37A8-82C1-98D226EB681F}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{30048BC0-4093-11E1-9406-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{331F3940-4093-11E1-9565-F04DA23A5C58}" = MSVCRT Redists
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}" = Perfect Effects 4.0.1
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}" = NBA 2K14
"{50AF8559-F490-381F-A6E7-06A07DE227DC}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{5B65A92F-CDE2-D1F3-3963-BB6CA4942540}_is1" = Minecraft free launcher version for Windows
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84CFA690-937F-4F95-B4FC-F7AE3251431D}" = Chicago 1930
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F012408-04EC-4989-932F-4C096117D2DD}_is1" = Mortal Kombat Komplete Edition
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}" = Tom Clancy's Splinter Cell® Blacklist™
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9_is1" = Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"GOM Player" = GOM Player
"HyperCam 3" = HyperCam 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"RjEyMDEz_is1" = F1 2013
"SmartPCRecorder" = Smart PC Recorder - by freebird
"Tony Hawks Pro Skater HD_is1" = Tony Hawks Pro Skater HD
"Uplay" = Uplay
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 3.5.2014 9:20:51 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:20:52 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:20:52 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 3.5.2014 9:32:07 | Computer Name = Honza-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 3.5.2014 7:40:26 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = DCOM | ID = 10005
Description =

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 3.5.2014 9:17:28 | Computer Name = Honza-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 3.5.2014 9:26:00 | Computer Name = Honza-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 3.5.2014 9:26:00 | Computer Name = Honza-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 3.5.2014 9:29:17 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:31:54 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:31:59 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

< End of report >

OTL logfile created on: 3.5.2014 17:35:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,99% Memory free
7,98 Gb Paging File | 5,95 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 468,76 Gb Free Space | 50,33% Space Free | Partition Type: NTFS

Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.03 17:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\OTL.exe
PRC - [2014.05.02 10:06:25 | 001,864,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
PRC - [2014.04.30 09:13:18 | 000,900,696 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2014.04.10 15:01:50 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.03.29 21:08:51 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.03.29 21:08:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.03.20 13:09:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.05 11:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.02.05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

========== Modules (No Company Name) ==========

MOD - [2014.05.02 10:06:25 | 016,351,920 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
MOD - [2014.03.29 21:08:51 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.03.20 13:09:43 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.03.29 21:08:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.02.05 11:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014.05.02 10:06:25 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.10 15:01:50 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.03.20 13:09:43 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.03.29 21:08:52 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.03.29 21:08:52 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.03.29 21:08:52 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.03.29 21:08:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.03.29 21:08:52 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.03.29 21:08:52 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.03.29 21:08:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.27 20:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.02.12 06:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013.02.06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.12.27 22:05:56 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.09.21 21:04:24 | 000,024,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012.09.21 21:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 21:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 02:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.27 10:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: youtubemp3podcaster%40jeremy.d.gregorio.com:3.2.8
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.54
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.16
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.20 13:09:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b9aa91db-385d-4c69-8a2f-96790aa9405b}: c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

[2012.12.27 20:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2014.05.03 00:02:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions
[2014.04.24 20:07:03 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2014.03.19 19:47:42 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com
[2014.04.27 11:53:10 | 000,217,853 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2014.05.03 00:02:42 | 000,059,970 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014.02.13 18:37:15 | 000,019,530 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.02.21 17:57:18 | 000,384,579 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi
[2014.05.01 19:42:04 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.03.20 13:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.20 13:09:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.05.03 15:33:14 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKU\S-1-5-21-1379411598-525497723-484556184-1000..\Run: [BitTorrent] C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 62.129.50.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{352F853E-681C-4F46-870D-FEFB5989BC75}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BAF1024-5AF0-4AA6-B66A-D571EBA383BC}: DhcpNameServer = 8.8.8.8 62.129.50.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82AFDF49-4714-4A59-8F23-08F40BB6D7E8}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.03 16:06:55 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.03 16:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.05.03 16:06:36 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.03 16:06:34 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\mbar
[2014.05.03 16:06:22 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Honza\Desktop\mbar-1.07.0.1009.exe
[2014.05.03 15:33:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.05.03 13:31:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.05.03 13:31:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.05.03 13:31:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.05.03 13:31:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.05.03 13:31:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.05.03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\CrashDumps
[2014.05.02 20:08:39 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\RK_Quarantine
[2014.05.02 17:56:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.02 13:42:49 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.28 19:44:05 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\zaloha
[2014.04.24 11:23:17 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\.minecraft
[2014.04.24 11:22:59 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\KN Launcher
[2014.04.24 11:16:16 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\libraries
[2014.04.23 16:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft free launcher
[2014.04.23 16:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft free launcher
[2014.04.23 16:15:09 | 001,704,448 | --S- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2014.04.23 16:15:09 | 000,364,544 | --S- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2014.04.23 16:15:09 | 000,171,008 | --S- | C] (The libssh2 library, http://www.libssh2.org/) -- C:\Windows\SysWow64\libssh2.dll
[2014.04.23 16:15:09 | 000,119,888 | --S- | C] (Open Source Software community LGPL) -- C:\Windows\SysWow64\pthreadGC2.dll
[2014.04.23 16:15:09 | 000,055,808 | --S- | C] (Open Source Software community LGPL) -- C:\Windows\SysWow64\pthreadVC2.dll
[2014.04.23 16:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bitstreams
[2014.04.23 16:15:08 | 000,472,424 | --S- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\cudart32_50_35.dll
[2014.04.15 20:12:31 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014.04.15 18:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSpades
[2014.04.15 18:43:06 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Copernic
[2014.04.15 18:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Copernic
[2014.04.15 18:38:36 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Copernic
[2014.04.11 21:19:59 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2014.04.11 21:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2014.04.11 21:19:50 | 001,431,552 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2014.04.11 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2014.04.11 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Image-Line
[2014.04.11 21:19:31 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\Image-Line
[2014.04.11 21:19:31 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2014.04.11 21:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2014.04.11 21:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
[2014.04.11 21:19:21 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2014.04.11 21:19:15 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\FlowStone
[2014.04.11 21:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics
[2014.04.11 21:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.05.03 17:37:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.03 16:06:55 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.03 16:06:36 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.03 16:06:25 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Honza\Desktop\mbar-1.07.0.1009.exe
[2014.05.03 15:40:30 | 000,020,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.03 15:40:30 | 000,020,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.03 15:37:20 | 006,974,354 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.05.03 15:37:20 | 002,824,668 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.03 15:37:20 | 002,273,166 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.05.03 15:37:20 | 002,193,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.03 15:37:20 | 000,006,440 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.03 15:33:14 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.05.03 15:32:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.03 15:32:41 | 3214,532,608 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.03 15:19:33 | 000,000,003 | ---- | M] () -- C:\Users\Honza\stut
[2014.05.02 22:48:46 | 000,000,132 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014.05.02 20:08:20 | 003,972,608 | ---- | M] () -- C:\Users\Honza\Desktop\RogueKiller.exe
[2014.05.02 17:56:09 | 001,310,621 | ---- | M] () -- C:\Users\Honza\Desktop\adwcleaner.exe
[2014.05.02 16:50:43 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.02 13:40:54 | 000,935,175 | ---- | M] () -- C:\Users\Honza\Desktop\RSITx64.exe
[2014.05.02 10:07:03 | 000,001,380 | ---- | M] () -- C:\Users\Honza\rgut
[2014.05.02 10:06:25 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.02 10:06:25 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.30 09:13:18 | 000,000,833 | ---- | M] () -- C:\Users\Honza\Desktop\BitTorrent.lnk
[2014.04.28 13:13:11 | 040,675,306 | ---- | M] () -- C:\Users\Honza\Documents\Dirty Russia Irina v Ostravě(Karolína)-zadarmo promo pro bizarní šunkohlavku - YouTube.mp4
[2014.04.25 09:37:14 | 004,958,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.04.24 08:43:23 | 000,943,044 | ---- | M] () -- C:\Windows\SysWow64\scrypt130511GeForce GTX 460glg2tc1984w256l4.bin
[2014.04.22 19:07:09 | 000,001,080 | ---- | M] () -- C:\Users\Honza\Desktop\Google Drive.lnk
[2014.04.17 14:32:01 | 000,017,920 | ---- | M] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.04.15 20:12:31 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014.04.11 21:19:49 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2014.04.11 14:36:46 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2014.04.10 15:05:33 | 000,045,270 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\room_v3.dat
[2014.04.10 15:01:50 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.04.10 15:01:42 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.04.10 15:01:42 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.05.03 17:37:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.05.03 13:31:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.05.03 13:31:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.05.03 13:31:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.05.03 13:31:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.05.03 13:31:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.05.02 20:08:18 | 003,972,608 | ---- | C] () -- C:\Users\Honza\Desktop\RogueKiller.exe
[2014.05.02 17:56:06 | 001,310,621 | ---- | C] () -- C:\Users\Honza\Desktop\adwcleaner.exe
[2014.05.02 13:40:51 | 000,935,175 | ---- | C] () -- C:\Users\Honza\Desktop\RSITx64.exe
[2014.04.28 13:13:00 | 040,675,306 | ---- | C] () -- C:\Users\Honza\Documents\Dirty Russia Irina v Ostravě(Karolína)-zadarmo promo pro bizarní šunkohlavku - YouTube.mp4
[2014.04.25 09:36:58 | 004,958,336 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.04.24 11:22:59 | 001,167,284 | ---- | C] () -- C:\Users\Honza\Desktop\KeiNett Launcher.exe
[2014.04.24 08:43:23 | 000,943,044 | ---- | C] () -- C:\Windows\SysWow64\scrypt130511GeForce GTX 460glg2tc1984w256l4.bin
[2014.04.24 08:43:13 | 000,000,003 | ---- | C] () -- C:\Users\Honza\stut
[2014.04.24 08:41:01 | 000,001,380 | ---- | C] () -- C:\Users\Honza\rgut
[2014.04.23 16:16:41 | 000,007,670 | --S- | C] () -- C:\Windows\SysWow64\mnccrssr.vbe
[2014.04.23 16:15:10 | 000,007,670 | --S- | C] () -- C:\Windows\SysWow64\mncgllsx.vbe
[2014.04.23 16:15:09 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.04.23 16:15:09 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.04.23 16:15:09 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2014.04.23 16:15:09 | 000,043,810 | --S- | C] () -- C:\Windows\SysWow64\poclbm130302.cl
[2014.04.23 16:15:09 | 000,023,825 | --S- | C] () -- C:\Windows\SysWow64\scrypt130511.cl
[2014.04.23 16:15:09 | 000,013,062 | --S- | C] () -- C:\Windows\SysWow64\phatk121016.cl
[2014.04.23 16:15:08 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.04.23 16:15:08 | 000,044,727 | --S- | C] () -- C:\Windows\SysWow64\diablo130302.cl
[2014.04.23 16:15:08 | 000,030,802 | --S- | C] () -- C:\Windows\SysWow64\diakgcn121016.cl
[2014.04.22 19:07:09 | 000,001,080 | ---- | C] () -- C:\Users\Honza\Desktop\Google Drive.lnk
[2014.04.11 21:19:49 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2014.04.11 21:19:29 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
[2014.04.11 14:36:46 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2013.07.20 14:20:16 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.06.21 20:22:04 | 000,000,700 | -HS- | C] () -- C:\Users\Honza\AppData\Local\systemFL7.dat
[2013.06.21 20:19:49 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nwsftUninstall.exe
[2013.06.15 00:04:16 | 000,234,010 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTX 460gv1w256l4.bin
[2013.06.06 18:33:14 | 001,563,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.03 21:25:07 | 000,000,132 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.03.29 17:17:02 | 000,000,132 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2013.02.05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.02.05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.02.05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

toox · #24 Příspěvek od **toox** » 03 kvě 2014 17:13

OTL Extras logfile created on: 3.5.2014 17:35:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,99% Memory free
7,98 Gb Paging File | 5,95 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 468,76 Gb Free Space | 50,33% Space Free | Partition Type: NTFS

Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2547633F-FD1E-4D14-A6AE-C50BBC1797B7}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{36998759-E3CA-4EA2-8EE5-637867CAE303}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6818BDFA-4EDB-4138-BC67-F85CF1EEEE3A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{946CF733-5FDF-44EF-8E8A-1970B28D8CC1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\outlook.exe |
"{CA642421-C042-4D1A-ACCD-5FC8A1A802BC}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F0E801B1-D52E-4E49-BF7D-7701C087653A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{FF9A42B2-927B-44F1-8C5B-21650BE29C3F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057CD502-064F-4D93-8115-BC4ED7ADF3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{16452542-C4F7-4E6C-9F84-AE26BD00BB72}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_dx11_game.exe |
"{37A887D9-D671-49AB-BB64-2EF1B88CFD7F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe |
"{3C4FC53B-B2B4-465D-823D-B056CBCC8114}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{49D64E06-A434-4D3E-A352-2524E369E510}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{56422133-A2FB-4AC7-BEDF-20DAE9A4B4E1}" = protocol=6 | dir=in | app=c:\program files (x86)\nfs mw 12\need for speed most wanted 2012\nfs13.exe |
"{5739205F-0198-402C-A455-868278D6CF54}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{66FEE370-87F1-4C8C-9FBF-881264F2DA02}" = dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"{69FEC0A3-35B2-4593-845A-7901D3BFD665}" = protocol=17 | dir=in | app=c:\users\honza\appdata\roaming\bittorrent\bittorrent.exe |
"{7DEE2606-27E4-4626-BEA3-FE6E0F0B8F53}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{81277BB2-4BEC-4F55-9980-D0B5863C6C6E}" = protocol=6 | dir=in | app=c:\users\honza\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{820EF4D3-217C-43B3-BC6B-3443FB50C3D4}" = dir=in | app=c:\program files (x86)\garena plus\ggdllhost.exe |
"{8EB0245B-A74F-4E32-A2CB-39F5CDD16F2B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_dx11_game.exe |
"{9625FB99-5145-4D72-A770-E9133081B2F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\blacklist_launcher.exe |
"{A21203EF-E766-4B90-9813-5C3AF42BF8A0}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{A5A53FA4-A759-41FA-8F69-DB5A04B7B445}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k14\nba2k14.exe |
"{A8F53C45-B545-45A7-991F-D453DCE2072C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B7BA82E5-264B-4132-9AC4-3EB42122AC14}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{BE887F4E-4C34-44C0-BCFD-592A6A43E4D1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C014F719-C459-4B62-9065-33D751911CBE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\blacklist_game.exe |
"{C1D360C5-278B-4A67-83D3-0BD91CE2E82A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C1F6A90A-A22F-4AB9-BC20-5B4538D937A9}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D55BA0FB-08F5-4DB2-BA5D-FCD3C101DBF2}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\gu.exe |
"{D9793D20-AEF0-431C-B739-912788D06965}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DBCE76CF-75D0-495D-9199-7B330F71715E}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{E57ABE73-5904-4601-849C-1A536D8C563B}" = dir=in | app=c:\windows\syswow64\rundll32.exe |
"{EA1C24C6-D95C-4585-A048-136474646EEB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{EAC13163-F2D0-461D-B50F-76360A23FDBC}" = protocol=17 | dir=in | app=c:\users\honza\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{EAF4BF82-E935-470E-B877-CA2A2D0F19EC}" = protocol=6 | dir=in | app=c:\users\honza\appdata\roaming\bittorrent\bittorrent.exe |
"{ED531F6A-6295-4579-AA6D-A200617A8BDA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\src\system\gu.exe |
"{F6A45BF9-AA2E-4681-B08F-EC1887BA54C0}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k14\nba2k14.exe |
"{F6A57AAC-3DD0-4937-B3A9-90CCA77422CC}" = protocol=17 | dir=in | app=c:\program files (x86)\nfs mw 12\need for speed most wanted 2012\nfs13.exe |
"{F984B721-652B-49FD-A833-CB7916E13FA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{FB11E40E-4B30-4ED0-A135-38C94C912C7E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{FCE10FCF-515A-402E-8984-4B968664493F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell® blacklist™\blacklist_launcher.exe |
"{FF4AA53D-91D8-4D05-BD23-1844254BD976}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"TCP Query User{5C85D8C1-D972-4E3A-B8C3-825999DF5E0D}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{742D6BFA-7CD1-455F-9EDF-A33346D07820}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{80226EDF-CA62-4C09-8676-1C4C58122382}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{8C334242-962B-4D4D-9B4E-2E6C18C0F9CF}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{AC890508-A04B-49E7-A5AE-E82773934AE8}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"TCP Query User{AD4A209E-BA14-4599-A47F-9F7FD3462180}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"TCP Query User{C9928B1A-FB63-4298-B3E8-62406711023F}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{CE942AD7-EE5D-431D-999B-6DEC4C42B4E1}C:\program files\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe |
"TCP Query User{D01E023D-76A9-406F-B084-306AC9F08487}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe |
"TCP Query User{E807C801-7956-431D-ACDD-8241CC6AF180}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe |
"TCP Query User{FFB05FF6-0F38-431A-A18A-7DF39DE4E36A}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{047486DE-B09D-4F4F-AAB5-B7ED09202152}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe |
"UDP Query User{0C26E5D9-10ED-426F-A111-BDFE084888D3}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{217BD54A-ED1C-4549-9164-2DB219E143F5}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{404A19BF-E29F-48E5-9C9C-8DF92D0BC1E3}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe |
"UDP Query User{540FFC3D-0512-447A-A1F7-5BA042B88E66}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{6FA5CC03-7A76-4301-AC38-D36530DC5B05}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{76C76728-E4E7-4132-9BF8-2215D71EB41B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{79AF41D9-8DA3-41ED-8AE3-50B9F948FEF5}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"UDP Query User{7FBDDC72-4A10-4808-B68E-01D0C5417B59}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{F70775A6-E40D-4D83-B7FC-ED8298178B0C}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\bbtalk\bbtalk.exe |
"UDP Query User{FA2E753C-4E44-4754-9D4B-B143796A390A}C:\program files\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{083808D6-6235-37A8-82C1-98D226EB681F}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{30048BC0-4093-11E1-9406-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{331F3940-4093-11E1-9565-F04DA23A5C58}" = MSVCRT Redists
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}" = Microsoft IntelliType Pro 7.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}" = Perfect Effects 4.0.1
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}" = NBA 2K14
"{50AF8559-F490-381F-A6E7-06A07DE227DC}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{5B65A92F-CDE2-D1F3-3963-BB6CA4942540}_is1" = Minecraft free launcher version for Windows
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84CFA690-937F-4F95-B4FC-F7AE3251431D}" = Chicago 1930
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F012408-04EC-4989-932F-4C096117D2DD}_is1" = Mortal Kombat Komplete Edition
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}" = Tom Clancy's Splinter Cell® Blacklist™
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9_is1" = Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"GOM Player" = GOM Player
"HyperCam 3" = HyperCam 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"RjEyMDEz_is1" = F1 2013
"SmartPCRecorder" = Smart PC Recorder - by freebird
"Tony Hawks Pro Skater HD_is1" = Tony Hawks Pro Skater HD
"Uplay" = Uplay
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 7:46:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 3.5.2014 9:20:51 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:20:52 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:20:52 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 3.5.2014 9:32:07 | Computer Name = Honza-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.5.2014 9:37:17 | Computer Name = Honza-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 3.5.2014 7:40:26 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = DCOM | ID = 10005
Description =

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 3.5.2014 9:17:19 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 3.5.2014 9:17:28 | Computer Name = Honza-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 3.5.2014 9:26:00 | Computer Name = Honza-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 3.5.2014 9:26:00 | Computer Name = Honza-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 3.5.2014 9:29:17 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:31:54 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.5.2014 9:31:59 | Computer Name = Honza-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

< End of report >

toox · #25 Příspěvek od **toox** » 03 kvě 2014 17:14

OTL logfile created on: 3.5.2014 17:35:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honza\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,99% Memory free
7,98 Gb Paging File | 5,95 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 468,76 Gb Free Space | 50,33% Space Free | Partition Type: NTFS

Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.03 17:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Downloads\OTL.exe
PRC - [2014.05.02 10:06:25 | 001,864,368 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
PRC - [2014.04.30 09:13:18 | 000,900,696 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2014.04.10 15:01:50 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.03.29 21:08:51 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.03.29 21:08:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.03.20 13:09:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.05 11:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.02.05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

========== Modules (No Company Name) ==========

MOD - [2014.05.02 10:06:25 | 016,351,920 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
MOD - [2014.03.29 21:08:51 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.03.20 13:09:43 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.03.29 21:08:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.02.05 11:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014.05.02 10:06:25 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.10 15:01:50 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.03.20 13:09:43 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.05 11:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.03.29 21:08:52 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.03.29 21:08:52 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.03.29 21:08:52 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.03.29 21:08:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.03.29 21:08:52 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.03.29 21:08:52 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.03.29 21:08:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.27 20:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.02.12 06:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013.02.06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.12.27 22:05:56 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.09.21 21:04:24 | 000,024,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012.09.21 21:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 21:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 02:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.27 10:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: youtubemp3podcaster%40jeremy.d.gregorio.com:3.2.8
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.54
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.16
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.20 13:09:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b9aa91db-385d-4c69-8a2f-96790aa9405b}: c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

[2012.12.27 20:39:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2014.05.03 00:02:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions
[2014.04.24 20:07:03 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2014.03.19 19:47:42 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com
[2014.04.27 11:53:10 | 000,217,853 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2014.05.03 00:02:42 | 000,059,970 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014.02.13 18:37:15 | 000,019,530 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.02.21 17:57:18 | 000,384,579 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi
[2014.05.01 19:42:04 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.03.20 13:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.20 13:09:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.05.03 15:33:14 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKU\S-1-5-21-1379411598-525497723-484556184-1000..\Run: [BitTorrent] C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 62.129.50.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{352F853E-681C-4F46-870D-FEFB5989BC75}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BAF1024-5AF0-4AA6-B66A-D571EBA383BC}: DhcpNameServer = 8.8.8.8 62.129.50.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82AFDF49-4714-4A59-8F23-08F40BB6D7E8}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.03 16:06:55 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.03 16:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.05.03 16:06:36 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.03 16:06:34 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\mbar
[2014.05.03 16:06:22 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Honza\Desktop\mbar-1.07.0.1009.exe
[2014.05.03 15:33:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.05.03 13:31:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.05.03 13:31:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.05.03 13:31:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.05.03 13:31:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.05.03 13:31:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.05.03 00:25:43 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\CrashDumps
[2014.05.02 20:08:39 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\RK_Quarantine
[2014.05.02 17:56:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.02 13:42:49 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.28 19:44:05 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\zaloha
[2014.04.24 11:23:17 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\.minecraft
[2014.04.24 11:22:59 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\KN Launcher
[2014.04.24 11:16:16 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\libraries
[2014.04.23 16:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft free launcher
[2014.04.23 16:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft free launcher
[2014.04.23 16:15:09 | 001,704,448 | --S- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2014.04.23 16:15:09 | 000,364,544 | --S- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2014.04.23 16:15:09 | 000,171,008 | --S- | C] (The libssh2 library, http://www.libssh2.org/) -- C:\Windows\SysWow64\libssh2.dll
[2014.04.23 16:15:09 | 000,119,888 | --S- | C] (Open Source Software community LGPL) -- C:\Windows\SysWow64\pthreadGC2.dll
[2014.04.23 16:15:09 | 000,055,808 | --S- | C] (Open Source Software community LGPL) -- C:\Windows\SysWow64\pthreadVC2.dll
[2014.04.23 16:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bitstreams
[2014.04.23 16:15:08 | 000,472,424 | --S- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\cudart32_50_35.dll
[2014.04.15 20:12:31 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014.04.15 18:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSpades
[2014.04.15 18:43:06 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Copernic
[2014.04.15 18:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Copernic
[2014.04.15 18:38:36 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Copernic
[2014.04.11 21:19:59 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2014.04.11 21:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2014.04.11 21:19:50 | 001,431,552 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2014.04.11 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2014.04.11 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Image-Line
[2014.04.11 21:19:31 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\Image-Line
[2014.04.11 21:19:31 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2014.04.11 21:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2014.04.11 21:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
[2014.04.11 21:19:21 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2014.04.11 21:19:15 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\FlowStone
[2014.04.11 21:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics
[2014.04.11 21:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.05.03 17:37:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.03 16:06:55 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.03 16:06:36 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.03 16:06:25 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Honza\Desktop\mbar-1.07.0.1009.exe
[2014.05.03 15:40:30 | 000,020,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.03 15:40:30 | 000,020,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.03 15:37:20 | 006,974,354 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.05.03 15:37:20 | 002,824,668 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.03 15:37:20 | 002,273,166 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.05.03 15:37:20 | 002,193,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.03 15:37:20 | 000,006,440 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.03 15:33:14 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.05.03 15:32:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.03 15:32:41 | 3214,532,608 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.03 15:19:33 | 000,000,003 | ---- | M] () -- C:\Users\Honza\stut
[2014.05.02 22:48:46 | 000,000,132 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014.05.02 20:08:20 | 003,972,608 | ---- | M] () -- C:\Users\Honza\Desktop\RogueKiller.exe
[2014.05.02 17:56:09 | 001,310,621 | ---- | M] () -- C:\Users\Honza\Desktop\adwcleaner.exe
[2014.05.02 16:50:43 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.02 13:40:54 | 000,935,175 | ---- | M] () -- C:\Users\Honza\Desktop\RSITx64.exe
[2014.05.02 10:07:03 | 000,001,380 | ---- | M] () -- C:\Users\Honza\rgut
[2014.05.02 10:06:25 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.02 10:06:25 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.30 09:13:18 | 000,000,833 | ---- | M] () -- C:\Users\Honza\Desktop\BitTorrent.lnk
[2014.04.28 13:13:11 | 040,675,306 | ---- | M] () -- C:\Users\Honza\Documents\Dirty Russia Irina v Ostravě(Karolína)-zadarmo promo pro bizarní šunkohlavku - YouTube.mp4
[2014.04.25 09:37:14 | 004,958,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.04.24 08:43:23 | 000,943,044 | ---- | M] () -- C:\Windows\SysWow64\scrypt130511GeForce GTX 460glg2tc1984w256l4.bin
[2014.04.22 19:07:09 | 000,001,080 | ---- | M] () -- C:\Users\Honza\Desktop\Google Drive.lnk
[2014.04.17 14:32:01 | 000,017,920 | ---- | M] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.04.15 20:12:31 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014.04.11 21:19:49 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2014.04.11 14:36:46 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2014.04.10 15:05:33 | 000,045,270 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\room_v3.dat
[2014.04.10 15:01:50 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.04.10 15:01:42 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.04.10 15:01:42 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.05.03 17:37:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.05.03 13:31:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.05.03 13:31:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.05.03 13:31:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.05.03 13:31:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.05.03 13:31:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.05.02 20:08:18 | 003,972,608 | ---- | C] () -- C:\Users\Honza\Desktop\RogueKiller.exe
[2014.05.02 17:56:06 | 001,310,621 | ---- | C] () -- C:\Users\Honza\Desktop\adwcleaner.exe
[2014.05.02 13:40:51 | 000,935,175 | ---- | C] () -- C:\Users\Honza\Desktop\RSITx64.exe
[2014.04.28 13:13:00 | 040,675,306 | ---- | C] () -- C:\Users\Honza\Documents\Dirty Russia Irina v Ostravě(Karolína)-zadarmo promo pro bizarní šunkohlavku - YouTube.mp4
[2014.04.25 09:36:58 | 004,958,336 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.04.24 11:22:59 | 001,167,284 | ---- | C] () -- C:\Users\Honza\Desktop\KeiNett Launcher.exe
[2014.04.24 08:43:23 | 000,943,044 | ---- | C] () -- C:\Windows\SysWow64\scrypt130511GeForce GTX 460glg2tc1984w256l4.bin
[2014.04.24 08:43:13 | 000,000,003 | ---- | C] () -- C:\Users\Honza\stut
[2014.04.24 08:41:01 | 000,001,380 | ---- | C] () -- C:\Users\Honza\rgut
[2014.04.23 16:16:41 | 000,007,670 | --S- | C] () -- C:\Windows\SysWow64\mnccrssr.vbe
[2014.04.23 16:15:10 | 000,007,670 | --S- | C] () -- C:\Windows\SysWow64\mncgllsx.vbe
[2014.04.23 16:15:09 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.04.23 16:15:09 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.04.23 16:15:09 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2014.04.23 16:15:09 | 000,043,810 | --S- | C] () -- C:\Windows\SysWow64\poclbm130302.cl
[2014.04.23 16:15:09 | 000,023,825 | --S- | C] () -- C:\Windows\SysWow64\scrypt130511.cl
[2014.04.23 16:15:09 | 000,013,062 | --S- | C] () -- C:\Windows\SysWow64\phatk121016.cl
[2014.04.23 16:15:08 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.04.23 16:15:08 | 000,044,727 | --S- | C] () -- C:\Windows\SysWow64\diablo130302.cl
[2014.04.23 16:15:08 | 000,030,802 | --S- | C] () -- C:\Windows\SysWow64\diakgcn121016.cl
[2014.04.22 19:07:09 | 000,001,080 | ---- | C] () -- C:\Users\Honza\Desktop\Google Drive.lnk
[2014.04.11 21:19:49 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\FL Studio 11.lnk
[2014.04.11 21:19:29 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
[2014.04.11 14:36:46 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2013.07.20 14:20:16 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.06.21 20:22:04 | 000,000,700 | -HS- | C] () -- C:\Users\Honza\AppData\Local\systemFL7.dat
[2013.06.21 20:19:49 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nwsftUninstall.exe
[2013.06.15 00:04:16 | 000,234,010 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTX 460gv1w256l4.bin
[2013.06.06 18:33:14 | 001,563,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.03 21:25:07 | 000,000,132 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.03.29 17:17:02 | 000,000,132 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2013.02.05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.02.05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.02.05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.02.05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.01.05 20:40:11 | 000,017,920 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.29 02:27:19 | 000,045,270 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\room_v3.dat
[2012.12.28 00:23:13 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.28 00:23:11 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.28 00:23:10 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.12.27 20:05:17 | 000,072,304 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2012.12.27 20:01:23 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.07.02 22:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.04.24 11:25:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\.minecraft
[2014.01.31 18:29:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\2K Sports
[2014.02.19 23:04:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AC3Filter
[2013.07.11 12:07:20 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2014.03.30 10:46:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AVAST Software
[2014.05.03 17:41:35 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BitTorrent
[2014.02.27 18:19:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.04.15 18:43:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Copernic
[2014.04.14 23:25:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 21:19:15 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlowStone
[2013.01.20 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2013.01.01 17:53:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Garena
[2014.04.10 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GarenaPlus
[2012.12.27 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2014.04.11 21:19:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Image-Line
[2014.02.05 20:34:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2012.12.28 01:48:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2013.07.18 10:51:35 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MKKE
[2013.05.22 17:26:38 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\onOne Software
[2013.06.14 15:19:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2013.07.20 15:12:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PunkBuster
[2014.01.31 23:42:38 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickScan
[2013.04.09 00:24:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Samsung
[2013.08.01 16:52:31 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Softland
[2013.04.18 21:31:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Solveig Multimedia
[2014.02.17 23:13:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2013.06.23 02:30:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony Creative Software Inc
[2013.01.20 18:50:50 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.02.01 15:09:39 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\The Creative Assembly
[2013.06.17 22:10:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TuneUp Software
[2013.06.17 22:09:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TuneUp Software.BackupByTuneUpPortable

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,612 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.03.10 14:21:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\erdnt\cache64\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

toox · #26 Příspěvek od **toox** » 03 kvě 2014 17:14

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[29 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.04.24 11:25:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\.minecraft
[2014.01.31 18:29:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\2K Sports
[2014.02.19 23:04:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AC3Filter
[2013.05.22 13:09:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2013.01.20 18:50:50 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe Mini Bridge CS5
[2013.07.11 12:07:20 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2014.03.30 10:46:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AVAST Software
[2014.05.03 17:49:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BitTorrent
[2014.02.27 18:19:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014.04.15 18:43:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Copernic
[2014.04.14 23:25:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 21:19:15 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlowStone
[2013.01.20 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Foxit Software
[2013.01.01 17:53:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Garena
[2014.04.10 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GarenaPlus
[2012.12.27 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2012.12.27 20:43:27 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GRETECH
[2012.12.27 19:56:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2014.04.11 21:19:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Image-Line
[2014.02.05 20:34:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2012.12.28 01:48:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2013.01.06 21:45:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Logitech
[2012.12.27 20:50:39 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2012.12.27 21:17:23 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2013.07.15 19:21:55 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2013.07.18 10:51:35 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MKKE
[2014.01.24 19:20:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2014.03.20 13:13:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\NVIDIA
[2013.05.22 17:26:38 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\onOne Software
[2013.04.25 20:33:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PSpad
[2013.06.14 15:19:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2013.07.20 15:12:59 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PunkBuster
[2014.01.31 23:42:38 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickScan
[2013.04.09 00:24:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Samsung
[2014.05.03 17:48:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2013.08.01 16:52:31 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Softland
[2013.04.18 21:31:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Solveig Multimedia
[2014.02.17 23:13:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2013.06.23 02:30:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony Creative Software Inc
[2013.01.20 18:50:50 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.02.01 15:09:39 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\The Creative Assembly
[2013.06.17 22:10:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TuneUp Software
[2013.06.17 22:09:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TuneUp Software.BackupByTuneUpPortable
[2014.04.28 20:28:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Winamp
[2014.02.27 00:46:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.04.30 09:13:18 | 000,900,696 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
[2013.07.22 20:18:57 | 001,125,464 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.8.1_29964.exe
[2013.08.01 15:11:53 | 000,883,552 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.8.1_29989.exe
[2014.02.07 12:44:02 | 000,900,696 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.8.2_30489.exe
[2007.03.22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2014.02.05 20:22:14 | 014,784,096 | ---- | M] (Gretech Corporation) -- C:\Users\Honza\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2013.05.24 15:41:10 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Honza\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.12.28 01:48:04 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2014.02.15 01:02:36 | 000,010,134 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.03.19 16:27:25 | 000,358,912 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\b64Launcher.exe
[2014.03.19 16:27:26 | 001,819,648 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\encMP3Tagger.exe
[2014.03.19 16:27:26 | 027,124,736 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\ffmpeg.exe
[2014.03.19 16:27:26 | 000,122,992 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\extensions\youtubemp3podcaster@jeremy.d.gregorio.com\chrome\mp3gain.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.05.02 10:06:25 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.05.02 10:06:25 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"BitTorrent" = "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED -- [2014.04.30 09:13:18 | 000,900,696 | ---- | M] (BitTorrent Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.05.03 17:37:15 | 000,000,512 | ---- | M] () MD5=7CA38B78C81CFDA4752E993C91CC4AE0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.03.12 12:47:38 | 000,007,624 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Packs\Drums\Percussion\FPC Ice Crack.wav
[2012.10.02 10:41:48 | 000,000,400 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Plugin presets\Generators\Drumpad\Sound FX\Crack.fst
[2008.09.08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2012.10.27 16:34:15 | 000,000,113 | ---- | M] () -- \Program Files (x86)\nfs mw 12\Need For Speed Most Wanted 2012\Support\readme\SKIDROW CRACK.url
[2012.12.17 22:33:54 | 001,484,270 | ---- | M] () -- \ProgramData\onOne Software\Perfect Effects 4\Textures\Walls\Large\Cracked Earth.jpg
[2012.12.17 22:33:54 | 000,706,359 | ---- | M] () -- \ProgramData\onOne Software\Perfect Effects 4\Textures\Walls\Large\Cracked Paint.jpg
[2012.12.17 22:33:56 | 000,156,398 | ---- | M] () -- \ProgramData\onOne Software\Perfect Effects 4\Textures\Walls\Small\Cracked Earth.jpg
[2012.12.17 22:33:56 | 000,053,579 | ---- | M] () -- \ProgramData\onOne Software\Perfect Effects 4\Textures\Walls\Small\Cracked Paint.jpg
[2012.12.17 22:33:54 | 001,484,270 | ---- | M] () -- \Users\All Users\onOne Software\Perfect Effects 4\Textures\Walls\Large\Cracked Earth.jpg
[2012.12.17 22:33:54 | 000,706,359 | ---- | M] () -- \Users\All Users\onOne Software\Perfect Effects 4\Textures\Walls\Large\Cracked Paint.jpg
[2012.12.17 22:33:56 | 000,156,398 | ---- | M] () -- \Users\All Users\onOne Software\Perfect Effects 4\Textures\Walls\Small\Cracked Earth.jpg
[2012.12.17 22:33:56 | 000,053,579 | ---- | M] () -- \Users\All Users\onOne Software\Perfect Effects 4\Textures\Walls\Small\Cracked Paint.jpg
[2014.03.01 20:11:18 | 000,012,616 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\Crack.torrent
[2014.03.02 12:42:52 | 000,018,146 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\FIFA 14 Crack Only V4.torrent
[2014.03.02 12:44:56 | 000,014,174 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\Fifa 14 Update 1+Crack fix-Skidrow.torrent
[2014.03.02 13:43:24 | 000,015,569 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\FIFA 14 [MULTI5][PCDVD][CRACK & UPDATE 1][3DM][WwW.GamesTorrents.CoM].torrent
[2014.03.02 13:45:32 | 000,045,303 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\FIFA.14-ULTIMIATE.EDITION-SKIDROWCRACK.torrent
[2014.03.05 21:05:42 | 000,020,812 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\FIFA.14.Ultimate.Edition.v1.3.0.0.Update-CRACKED.rar.torrent
[2014.02.25 16:03:56 | 000,005,255 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\Houdini 4 UCI Chess Engine (Full w32+x64 inc. Crack)!.torrent
[2014.03.02 18:14:46 | 000,019,459 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\PES2014 CRACK 1.04.torrent
[2011.09.08 23:04:06 | 000,005,280 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Freeze icy crackling.sfk
[2007.06.30 05:13:39 | 000,667,308 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Freeze icy crackling.wav
[2007.06.29 20:46:00 | 000,836,580 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Ice crackling 01, thin ice.wav
[2007.06.29 20:46:00 | 001,785,908 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Ice crackling 02, thin ice, louder.wav
[2007.06.29 21:44:16 | 000,127,540 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Window crack 01.wav
[2007.06.29 21:44:16 | 000,199,220 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Abstract (100)\Sounds (80)\Window crack 02.wav
[2007.06.29 20:11:16 | 001,151,328 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 01.wav
[2007.06.29 20:11:16 | 000,913,460 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 02.wav
[2007.06.29 21:56:09 | 000,632,480 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 03.wav
[2007.06.29 21:56:09 | 000,924,212 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 04.wav
[2007.06.29 21:56:09 | 000,617,416 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 05.wav
[2007.06.29 21:56:09 | 000,469,556 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 06.wav
[2014.02.18 16:44:03 | 000,006,064 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 07.sfk
[2007.06.29 21:57:24 | 000,767,540 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\Impacts (100)\Evil crack 07.wav
[2009.12.22 20:00:12 | 001,145,430 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\photoshop\ABR Brushes all\Cracks_-_by_birgitengelhardt.de.abr
[2014.03.30 14:18:56 | 000,004,021 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\photoshop\fonty\151 Fonts Collection\CF-Cracked-Stone-Regular\CF-Cracked-Stone-Regular.png
[2014.03.30 14:18:55 | 000,182,440 | ---- | M] () -- \Users\Honza\Desktop\Ostatní\Other\photoshop\fonty\151 Fonts Collection\CF-Cracked-Stone-Regular\CFCrackedStone.ttf
[2010.01.15 22:56:40 | 000,000,272 | ---- | M] () -- \Users\Honza\Documents\Image-Line\Data\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2014.02.14 21:35:29 | 007,894,218 | ---- | M] () -- \Users\Honza\Music\Hip hop\# DE #\Bushido\Bushido - Sonny Black [2014]\05. Crackdealer Sound.mp3
[2013.01.24 23:16:10 | 008,775,576 | ---- | M] () -- \Users\Honza\Music\Hip hop\# DE #\Haftbefehl\Haftbefehl - Blockplatin (Deluxe Version)\CD 1\13. Crackfurt.mp3
[2013.01.24 23:16:10 | 020,237,353 | ---- | M] () -- \Users\Honza\Music\Hip hop\# DE #\Haftbefehl\Haftbefehl - Blockplatin (Deluxe Version)\CD 1\15. Chabos wissen wer der Babo ist (Allstar Remix) [feat. Veysel, Mosh, Celo, Abdi, Milonair, Habesha, Al Gear, Doe, Crackaveli, 606.mp3
[2013.01.24 23:16:11 | 008,337,793 | ---- | M] () -- \Users\Honza\Music\Hip hop\# DE #\Haftbefehl\Haftbefehl - Blockplatin (Deluxe Version)\CD 1\28. Crackfurt (Instrumental).mp3
[2013.01.05 01:09:05 | 007,682,727 | ---- | M] () -- \Users\Honza\Music\Hip hop\# DE #\Massiv\Massiv - Blut gegen Blut\23 - Mein Crack feat VS. Mavia.mp3
[2013.07.13 15:10:32 | 012,262,418 | ---- | M] () -- \Users\Honza\Music\Hip hop\# USA HIP-HOP #\Brick Squad Monopoly\Bricksquad Monopoly\05 - - Make Crack Like This - Oj Da Juiceman.mp3
[2012.11.30 03:03:52 | 007,309,277 | ---- | M] () -- \Users\Honza\Music\Hip hop\# USA HIP-HOP #\Cash Money Records #\Tyga - 187\01. F %kn Crack.mp3
[2013.01.05 17:41:36 | 005,061,571 | ---- | M] () -- \Users\Honza\Music\Hip hop\# USA HIP-HOP #\Fat Joe\Fat Joe - The Elephant In The Room (2008)\03-fat_joe-the_crackhouse_(feat._lil_wayne).mp3
[2008.07.31 15:19:18 | 006,273,114 | ---- | M] () -- \Users\Honza\Music\Hip hop\# USA HIP-HOP #\Group home\Group Home_Presents_Lil_Dap-I.A.Dap-2008\12-lil_dap-real_group_home_(feat._melachi_the_nutcracker).mp3
[2010.12.07 19:46:27 | 009,108,706 | ---- | M] () -- \Users\Honza\Music\Hip hop\Indy & Wich & LA4 (CZ)\La4 - Gyzmo\04-Něco jako klid_crack (+James Cole).mp3
[2013.01.04 01:25:14 | 002,748,416 | ---- | M] () -- \Users\Honza\Music\Hip hop\Instrumentalky\USA\Conway - Nutcracka (instrumental).mp3
[2012.09.20 15:40:06 | 003,260,833 | ---- | M] () -- \Users\Honza\Music\Hip hop\rap\The Notorious B.I.G\Life After Death Disc 2\05 Ten Crack Commandments.mp3
[2012.09.20 16:02:04 | 003,260,833 | ---- | M] () -- \Users\Honza\Music\Hip hop\rap\The Notorious B.I.G\Nová složka\05 Ten Crack Commandments.mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.18\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce335.23Driver\ExtensionLoader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce335.23Driver\GFExperience\ExtensionLoader.dll
[2012.09.18 22:01:26 | 000,064,280 | ---- | M] () -- \Program Files (x86)\Activision\Tony Hawks Pro Skater HD\Binaries\Win32\PhysXLoader.dll
[2010.03.09 05:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2013.10.04 01:06:54 | 000,001,924 | ---- | M] () -- \Program Files (x86)\F1 2013\ai\track_statistics_loader.xml
[2013.10.04 01:06:54 | 000,000,115 | ---- | M] () -- \Program Files (x86)\F1 2013\audio\audio_loader.xml
[2013.10.04 01:06:54 | 000,000,342 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\garage_loader.xml
[2013.10.04 01:06:54 | 000,001,042 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\paddock_gameloader.xml
[2013.10.04 01:06:54 | 000,000,645 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\paddock_loader.xml
[2013.10.04 01:06:54 | 000,001,986 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader.xml
[2013.10.04 01:06:54 | 000,001,832 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_gaqa.xml
[2013.10.04 01:06:54 | 000,001,830 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_gara.xml
[2013.10.04 01:06:54 | 000,001,831 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_gate.xml
[2013.10.04 01:06:54 | 000,001,807 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_gate_nt.xml
[2013.10.04 01:06:54 | 000,001,832 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_gawc.xml
[2013.10.04 01:06:54 | 000,002,060 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_pfqa.xml
[2013.10.04 01:06:54 | 000,002,060 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_pfra.xml
[2013.10.04 01:06:54 | 000,002,058 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\parcferme_loader_pfwc.xml
[2013.10.04 01:06:54 | 000,000,629 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\pitstop_loader.xml
[2013.10.04 01:06:54 | 000,000,722 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\race_marshal_loader.xml
[2013.10.04 01:06:54 | 000,001,587 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\trackside_garage_loader.xml
[2013.10.04 01:06:54 | 000,001,578 | ---- | M] () -- \Program Files (x86)\F1 2013\scenes\trackside_garage_reloader.xml
[2013.10.04 01:06:54 | 000,000,149 | ---- | M] () -- \Program Files (x86)\F1 2013\system\osd_loader.xml
[2014.03.24 12:31:30 | 000,000,022 | ---- | M] () -- \Program Files (x86)\Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9\3DMLoader.ini
[2013.02.07 11:11:17 | 000,051,504 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2013.01.30 10:26:41 | 002,941,232 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2013.12.19 13:34:02 | 000,255,280 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2013.02.08 18:10:04 | 000,256,816 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10097\GarenaTalkLoader.exe
[2013.07.03 20:19:18 | 000,057,856 | ---- | M] () -- \Program Files (x86)\Mortal Kombat Komplete Edition\DiscContentPC\PhysXLocal\PhysXLoader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 02:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 02:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 02:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 02:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.02.13 16:24:20 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.02.17 16:50:18 | 000,234,104 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ubiorbitapi_r2_loader.dll
[2013.08.03 17:23:12 | 000,329,232 | ---- | M] () -- \Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\ubiorbitapi_r2_loader.dll
[2013.08.21 05:41:00 | 000,037,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\uplay_r1_loader.dll
[2013.03.18 21:05:39 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\ubiorbitapi_r2_loader.dll
[2013.03.18 21:05:39 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\uplay_r1_loader.dll
[2012.11.14 11:36:12 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.11.14 11:33:44 | 000,293,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{50B415A1-697B-4EF6-8691-89EE5527F498}\ExtensionLoader.dll
[2013.12.01 15:09:05 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.02.07 20:03:39 | 000,020,929 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12177\FileLoader.dll
[2013.02.07 20:03:03 | 000,945,655 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12177\ggdownloader.dll
[2013.01.20 12:16:49 | 000,020,813 | ---- | M] () -- \ProgramData\GarenaMessenger\UpdateManager\12169\FileLoader.dll
[2014.03.04 01:09:49 | 000,080,425 | ---- | M] () -- \ProgramData\GarenaMessenger\UpdateManager\12226\bbtalk\GarenaTalkLoader.exe
[2014.03.04 01:11:47 | 000,084,642 | ---- | M] () -- \ProgramData\GarenaMessenger\UpdateManager\12255\bbtalk\GarenaTalkLoader.exe
[2013.02.07 20:03:39 | 000,020,929 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12177\FileLoader.dll
[2013.02.07 20:03:03 | 000,945,655 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12177\ggdownloader.dll
[2013.01.20 12:16:49 | 000,020,813 | ---- | M] () -- \Users\All Users\GarenaMessenger\UpdateManager\12169\FileLoader.dll
[2014.03.04 01:09:49 | 000,080,425 | ---- | M] () -- \Users\All Users\GarenaMessenger\UpdateManager\12226\bbtalk\GarenaTalkLoader.exe
[2014.03.04 01:11:47 | 000,084,642 | ---- | M] () -- \Users\All Users\GarenaMessenger\UpdateManager\12255\bbtalk\GarenaTalkLoader.exe
[2014.05.03 17:30:20 | 000,112,122 | ---- | M] () -- \Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSRIU01I\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.05.03 17:30:27 | 000,001,870 | ---- | M] () -- \Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LENW3AE7\AdLoader[1].htm
[2014.05.03 17:30:20 | 000,001,870 | ---- | M] () -- \Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYYRVLXA\AdLoader[1].htm
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Honza\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Honza\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Honza\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Honza\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Honza\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.04.24 21:42:35 | 000,001,140 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\RedTube Loader 1.21.apk.torrent
[2014.04.24 21:42:35 | 000,000,700 | ---- | M] () -- \Users\Honza\AppData\Roaming\Microsoft\Windows\Recent\[CzT]RedTube_Loader_Android_.lnk
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.03.14 00:36:39 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.03.14 00:36:39 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.03.14 00:36:39 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.03.14 00:36:39 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.03.14 00:36:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2003.10.09 07:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.08.03 17:22:08 | 000,120,336 | ---- | M] () -- \Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Launcher_SharePoint.XmlSerializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.01.16 16:50:58 | 000,320,856 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\CoreUI.XmlSerializers.dll
[2012.01.16 16:51:08 | 000,460,120 | ---- | M] () -- \Program Files\Sony\Vegas Pro 11.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2014.04.15 18:34:28 | 000,001,706 | ---- | M] () -- \Users\Honza\AppData\Roaming\BitTorrent\Copernic Desktop Search 4.0.2 Build 1014 + Serial.torrent
[2008.01.03 16:40:12 | 003,477,376 | ---- | M] () -- \Users\Honza\Music\Hip hop\Instrumentalky\USA\Snoop Doggy Dogg - Serial Killer (instrumental).mp3
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.06.09 14:29:21 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.06.09 14:29:04 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.10 11:53:36 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.06.10 11:53:02 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.10 11:49:00 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
[2013.06.10 11:48:47 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.10 11:51:05 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.06.10 15:37:41 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b2b920fd7211cb0a65ebdaf5385e1f0e\System.Runtime.Serialization.ni.dll
[2013.06.10 15:38:39 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.10 15:41:30 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.06.06 18:34:03 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.06.09 14:13:12 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.06.06 18:34:03 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.06.09 14:13:11 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.06.09 14:13:14 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2011.06.10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\System32\SerialPort.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011.06.10 05:43:56 | 000,073,728 | ---- | M] () -- \Windows\SysWOW64\SerialPort.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.03.14 00:36:27 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.03.14 00:36:27 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 07:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 07:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

#27 Příspěvek od **Márty84** » 03 kvě 2014 17:24

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]

:services
TuneUpUtilitiesDrv
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
c:\windows\SysWow64\mnccrssr.vbe
c:\windows\SysWow64\mncgllsx.vbe

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1379411598-525497723-484556184-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[29 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

toox · #28 Příspěvek od **toox** » 03 kvě 2014 17:28

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Honza
->Temp folder emptied: 11410432 bytes
->Temporary Internet Files folder emptied: 47635309 bytes
->Java cache emptied: 48012 bytes
->FireFox cache emptied: 77054146 bytes
->Flash cache emptied: 66717 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17338586 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 1116 bytes

Total Files Cleaned = 146,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Honza
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

System Restore Service not available.
========== SERVICES/DRIVERS ==========
Service TuneUpUtilitiesDrv stopped successfully!
Service TuneUpUtilitiesDrv deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\SysWow64\mnccrssr.vbe moved successfully.
c:\windows\SysWow64\mncgllsx.vbe moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6547.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8DCD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC0F2.tmp folder deleted successfully.
C:\Windows\Installer\MSI142.tmp deleted successfully.
C:\Windows\Installer\MSI15DF.tmp deleted successfully.
C:\Windows\Installer\MSI1708.tmp deleted successfully.
C:\Windows\Installer\MSI18BE.tmp deleted successfully.
C:\Windows\Installer\MSI34B8.tmp- folder deleted successfully.
C:\Windows\Installer\MSI35C1.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3758.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3824.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3B1F.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3E4C.tmp- folder deleted successfully.
C:\Windows\Installer\MSI3EDA.tmp- folder deleted successfully.
C:\Windows\Installer\MSI5F6.tmp deleted successfully.
C:\Windows\Installer\MSI86.tmp deleted successfully.
C:\Windows\Installer\MSI89.tmp deleted successfully.
C:\Windows\Installer\MSI8BE2.tmp deleted successfully.
C:\Windows\Installer\MSI8D0C.tmp deleted successfully.
C:\Windows\Installer\MSI9887.tmp deleted successfully.
C:\Windows\Installer\MSI9BF2.tmp deleted successfully.
C:\Windows\Installer\MSIB344.tmp- folder deleted successfully.
C:\Windows\Installer\MSIB3C9.tmp deleted successfully.
C:\Windows\Installer\MSID9BF.tmp deleted successfully.
C:\Windows\Installer\MSIDBD2.tmp deleted successfully.
C:\Windows\Installer\MSIE343.tmp deleted successfully.
C:\Windows\Installer\MSIE75D.tmp deleted successfully.
C:\Windows\Installer\MSIEF16.tmp deleted successfully.
C:\Windows\Installer\MSIF3CE.tmp- folder deleted successfully.
C:\Windows\Installer\MSIFB36.tmp deleted successfully.
C:\Windows\Installer\MSIFE15.tmp deleted successfully.
C:\Windows\Installer\MSIFEC5.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 05032014_182515

Files\Folders moved on Reboot...
C:\Users\Honza\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#29 Příspěvek od **Márty84** » 03 kvě 2014 18:03

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

toox · #30 Příspěvek od **toox** » 03 kvě 2014 18:29

Načítání se mi zdá trošku rychlejší, myslím si že bylo načase to pročistit po čase

VIRY.CZ

Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC

Re: Preventivka mojeho PC