Re: preventivka
Napsal: 28 úno 2015 14:00
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes\{B3DC53AB-7CE7-4464-8484-17BA484C458A}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Marie\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.18.1_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll\1.2_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
O1 HOSTS File: ([2015/02/26 22:33:51 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: sharepoint.com ([vutbr] https in Trusted sites)
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: sharepoint.com ([vutbr-my] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA8B54-841D-4C56-853F-78499B4C54AA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6713E7E4-8B52-4B76-8577-83DA837CA25D}: DhcpNameServer = 40.23.1.201 40.23.1.202
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015/02/28 08:50:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2015/02/27 05:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015/02/25 06:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/02/15 19:46:35 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\Skype
[2015/02/15 19:46:05 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Skype
[2015/02/15 19:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/02/15 19:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/02/15 19:45:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/02/15 19:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015/02/12 15:41:44 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/02/11 21:21:02 | 000,788,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2015/02/11 21:20:59 | 001,487,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2015/02/11 21:20:54 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/02/11 21:20:54 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/02/11 21:20:54 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/02/11 21:20:53 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/02/11 21:20:53 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/02/11 21:20:45 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/02/11 11:50:51 | 007,472,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/02/11 11:50:51 | 001,733,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/02/11 11:50:51 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll
[2015/02/11 11:50:51 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll
[2015/02/11 11:50:50 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/02/11 11:50:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2015/02/11 11:50:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2015/02/11 11:50:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2015/02/11 11:50:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/02/11 11:50:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2015/02/11 11:50:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2015/02/11 11:50:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2015/02/11 11:50:49 | 001,762,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2015/02/11 11:50:48 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/02/11 11:50:47 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/02/11 11:50:37 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/02/11 11:50:36 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/02/11 11:50:35 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/02/11 11:50:34 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2015/02/11 11:50:34 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/02/11 11:50:34 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2015/02/11 11:50:33 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2015/02/11 11:50:33 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/02/11 11:50:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2015/02/11 11:50:32 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2015/02/11 11:50:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2015/02/11 11:50:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/02/11 11:50:29 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2015/02/11 11:50:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/02/11 11:50:21 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/02/09 19:13:32 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2015/02/05 17:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
[2015/02/05 17:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GeoGebra 5.0
[2015/02/03 17:32:21 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aspnet_counters.dll
[2015/02/03 17:32:10 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aspnet_counters.dll
[1 C:\Users\Marie\Desktop\*.tmp files -> C:\Users\Marie\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/02/28 09:46:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/02/28 09:41:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/02/28 09:41:24 | 000,003,620 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2015/02/28 09:41:17 | 000,000,983 | ---- | M] () -- C:\WINDOWS\SysWow64\bscs.ini
[2015/02/28 09:39:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForMarie.job
[2015/02/28 09:39:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/28 09:39:24 | 3345,604,608 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/28 08:50:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2015/02/27 16:26:32 | 000,007,607 | ---- | M] () -- C:\Users\Marie\AppData\Local\Resmon.ResmonCfg
[2015/02/27 05:51:54 | 000,802,206 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2015/02/27 05:51:54 | 000,786,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/02/27 05:51:54 | 000,183,700 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2015/02/27 05:51:54 | 000,161,212 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/02/27 05:51:53 | 001,934,988 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/02/26 22:33:51 | 000,000,035 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015/02/25 12:53:30 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/25 06:55:36 | 005,202,926 | ---- | M] () -- C:\Users\Marie\Desktop\šimoníčková_dětské mše.pdf
[2015/02/25 06:14:21 | 000,159,753 | ---- | M] () -- C:\Users\Marie\Desktop\Pattern Bunny Fluff.pdf
[2015/02/24 12:06:18 | 000,092,620 | ---- | M] () -- C:\Users\Marie\Desktop\cesta na web.pdf
[2015/02/19 21:53:46 | 001,489,294 | ---- | M] () -- C:\Users\Marie\Desktop\Liturgika.pdf
[2015/02/17 16:39:15 | 000,261,209 | ---- | M] () -- C:\Users\Marie\Desktop\VELIKONOČNÍ SLEPIČKA.pdf
[2015/02/12 05:27:32 | 000,489,640 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/02/11 18:23:36 | 000,125,033 | ---- | M] () -- C:\Users\Marie\Desktop\kočka na krk.pdf
[2015/02/04 00:38:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/02/04 00:08:38 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/02/04 00:08:37 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/02/03 20:31:19 | 000,714,720 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/02/03 20:31:19 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/02/03 00:11:29 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/02/03 00:11:24 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/02/03 00:11:24 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[1 C:\Users\Marie\Desktop\*.tmp files -> C:\Users\Marie\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/02/28 08:55:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/02/25 10:34:34 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForMarie.job
[2015/02/25 06:55:33 | 005,202,926 | ---- | C] () -- C:\Users\Marie\Desktop\šimoníčková_dětské mše.pdf
[2015/02/25 06:14:19 | 000,159,753 | ---- | C] () -- C:\Users\Marie\Desktop\Pattern Bunny Fluff.pdf
[2015/02/24 12:06:06 | 000,092,620 | ---- | C] () -- C:\Users\Marie\Desktop\cesta na web.pdf
[2015/02/19 21:53:36 | 001,489,294 | ---- | C] () -- C:\Users\Marie\Desktop\Liturgika.pdf
[2015/02/17 16:39:14 | 000,261,209 | ---- | C] () -- C:\Users\Marie\Desktop\VELIKONOČNÍ SLEPIČKA.pdf
[2015/02/11 21:21:03 | 000,391,526 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/02/11 18:23:34 | 000,125,033 | ---- | C] () -- C:\Users\Marie\Desktop\kočka na krk.pdf
[2014/11/28 11:24:26 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/11/28 11:22:31 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/07/21 21:03:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2014/05/01 12:29:33 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/11/01 13:11:18 | 001,847,990 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/09/26 19:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 19:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 19:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 19:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 19:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/03 17:58:35 | 000,000,667 | ---- | C] () -- C:\WINDOWS\SysWow64\Settings.ini
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/17 19:14:55 | 000,003,620 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2013/08/17 19:14:55 | 000,000,043 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2013/07/17 18:44:42 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013/07/17 16:59:37 | 000,007,607 | ---- | C] () -- C:\Users\Marie\AppData\Local\Resmon.ResmonCfg
[2013/03/22 09:00:08 | 000,000,983 | ---- | C] () -- C:\WINDOWS\SysWow64\bscs.ini
========== ZeroAccess Check ==========
[2013/11/05 21:18:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/10/29 04:57:39 | 022,295,200 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/10/29 04:10:55 | 019,734,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/07/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\.minecraft
[2014/09/15 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\calibre
[2015/01/08 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/11/19 05:57:27 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\DAEMON Tools Lite
[2014/09/26 06:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\e-academy Inc
[2013/09/22 10:47:42 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Flood Light Games
[2015/02/09 19:13:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2014/05/29 05:11:59 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GHISLER
[2014/05/29 05:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\HewlettPackard
[2014/09/26 08:15:08 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\NuGet
[2013/09/22 10:45:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Oberon Media
[2013/07/18 07:05:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Philipp Winterberg
[2014/10/19 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz
[2013/07/18 07:46:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Softland
[2013/07/18 13:36:35 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Subversion
[2014/10/29 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\SumatraPDF
[2013/07/17 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Synaptics
[2014/09/17 06:37:40 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/11/01 13:08:59 | 000,000,264 | ---- | C] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
[2015/02/25 10:34:34 | 000,000,348 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForMarie.job
< >
< MD5 for: AGP440.SYS >
[2014/05/08 17:59:29 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/10/08 20:19:27 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/05/08 18:02:33 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/05/08 21:01:12 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2014/11/28 22:34:15 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\WINDOWS\SysNative\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2009/06/23 22:56:54 | 000,032,874 | ---- | M] () MD5=16D34E1EC42956262AA217352EC90597 -- C:\externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\SITE\LIB\AUTO\Win32\EventLog\EventLog.dll
[2009/06/23 22:56:54 | 000,032,874 | ---- | M] () MD5=16D34E1EC42956262AA217352EC90597 -- C:\externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\SITE\LIB\AUTO\Win32\EventLog\EventLog.dll
[2010/01/26 22:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Program Files\MATLAB\R2013a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
[2012/01/31 11:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files (x86)\CyberLink\PowerDirector10\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2014/10/08 20:27:35 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/10/08 21:35:13 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/05/08 20:39:18 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2013/11/30 15:45:30 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/11/28 22:46:04 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/10/29 04:10:54 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=4B37A33F4F5237BF02E537F8D12D1129 -- C:\Windows\SysWOW64\explorer.exe
[2014/10/29 04:10:54 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=4B37A33F4F5237BF02E537F8D12D1129 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/05/08 20:39:14 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/10/08 20:27:30 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/08 19:34:00 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/10/29 04:57:42 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=85D47EB257B06094F052E0C8AEFA3BEE -- C:\Windows\explorer.exe
[2014/10/29 04:57:42 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=85D47EB257B06094F052E0C8AEFA3BEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2013/11/30 15:53:14 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/12/19 21:42:27 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/10/08 21:35:08 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/08 19:33:57 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
< MD5 for: HAL.DLL >
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/10/08 20:29:47 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/15 17:14:15 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/05/08 19:35:26 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
< MD5 for: IASTORV.SYS >
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2014/05/08 17:59:30 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/10/08 20:19:27 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
< MD5 for: LSASS.EXE >
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\WINDOWS\SysNative\lsass.exe
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2014/11/28 22:53:59 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
< MD5 for: NDIS.SYS >
[2013/11/30 15:47:30 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/10/13 03:41:49 | 001,114,432 | ---- | M] (Microsoft Corporation) MD5=21FE65E2E67C4E31EE95CBD1F91C4B24 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014/10/13 03:41:49 | 001,114,432 | ---- | M] (Microsoft Corporation) MD5=21FE65E2E67C4E31EE95CBD1F91C4B24 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2014/02/28 19:02:41 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/05/08 20:11:25 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/11/28 23:07:06 | 000,162,319 | ---- | M] () MD5=A627B5D38300791075615FF3C8BB3991 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys
[2014/10/08 20:43:57 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\WINDOWS\SysNative\netlogon.dll
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2014/05/08 20:52:14 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/12/19 21:00:04 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/12/19 21:54:23 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll
[2014/05/08 20:17:08 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
< MD5 for: SCECLI.DLL >
[2014/12/19 21:53:38 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2014/11/28 23:23:07 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
< MD5 for: SMSS.EXE >
[2014/05/08 20:20:51 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
< MD5 for: SVCHOST.EXE >
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2014/12/20 08:54:04 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014/12/19 21:00:23 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/02/28 19:04:11 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/10/08 20:57:21 | 000,445,462 | ---- | M] () MD5=19384DF1CE84A606FEF4C1E1A940CC89 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/03/15 17:17:30 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/08 20:23:32 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/10/29 04:52:15 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=468273F7089A3A33D149955F0F203FA4 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/10/29 04:52:15 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=468273F7089A3A33D149955F0F203FA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/10/08 20:57:32 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/10/08 20:57:26 | 000,446,400 | ---- | M] () MD5=96F67EB5FD0CF6809C15A9530C68A8B7 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/10/08 20:57:16 | 000,447,007 | ---- | M] () MD5=CBBC133323549D9091F012AE8B8A3BBA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2013/11/30 15:49:17 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/12/19 21:11:53 | 000,409,864 | ---- | M] () MD5=D0C41590A1BCB4C0BD592D8AB976FE2F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014/11/18 20:30:05 | 000,241,540 | ---- | M] () MD5=E7D9CAEE2A6C4007CB85632A13D4EEF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
< MD5 for: USERINIT.EXE >
[2014/12/19 21:15:30 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014/12/20 09:02:14 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/12/19 21:22:48 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/05/08 20:27:55 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
< MD5 for: WS2_32.DLL >
[2007/07/13 17:32:34 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=25A72E05F16F68846CFC74D0EAB6F459 -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\Ws2_32.dll
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\SysWOW64\ws2_32.dll
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2007/07/13 20:47:04 | 000,755,200 | ---- | M] (Microsoft Corporation) MD5=385A1CDF1BDEE74F46358CE4CEB0E20F -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\IA64\Ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\WINDOWS\SysNative\ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2014/12/20 13:18:43 | 000,062,052 | ---- | M] () MD5=58D09EFD883813FC9709A9D98A7209DF -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2007/07/13 21:07:38 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=C9D184998EA57BDA2B706A57A2353933 -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\x64\Ws2_32.dll
[2014/12/19 21:17:07 | 000,065,749 | ---- | M] () MD5=F77C96590EA4741EB62B0FBC7A9FFFE8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[34 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\Shared Memory\DSC\*.tmp files -> C:\WINDOWS\System32\Shared Memory\DSC\*.tmp -> ]
[1 C:\WINDOWS\SysWOW64\Shared Memory\DSC\*.tmp files -> C:\WINDOWS\SysWOW64\Shared Memory\DSC\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/07/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\.minecraft
[2015/01/08 21:56:57 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Adobe
[2013/07/17 14:33:20 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\ATI
[2014/09/15 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\calibre
[2015/01/08 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/01/26 19:01:09 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\CyberLink
[2014/11/19 05:57:27 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\DAEMON Tools Lite
[2014/09/26 06:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\e-academy Inc
[2013/09/22 10:47:42 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Flood Light Games
[2015/02/09 19:13:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2014/05/29 05:11:59 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GHISLER
[2013/07/26 20:49:04 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Hewlett-Packard
[2014/05/29 05:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\HewlettPackard
[2013/07/26 20:40:38 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\hpqlog
[2013/11/01 14:20:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Identities
[2014/03/14 16:22:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\InstallShield
[2013/07/18 06:54:28 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Macromedia
[2014/02/18 18:43:11 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Malwarebytes
[2013/07/18 12:15:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\MathWorks
[2014/12/29 05:56:02 | 000,000,000 | --SD | M] -- C:\Users\Marie\AppData\Roaming\Microsoft
[2014/11/29 19:53:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Microsoft FxCop
[2014/09/19 19:11:12 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\MiKTeX
[2014/09/26 08:15:08 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\NuGet
[2013/09/22 10:45:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Oberon Media
[2013/07/18 07:05:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Philipp Winterberg
[2014/10/19 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz
[2015/02/28 09:38:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Skype
[2013/07/18 07:46:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Softland
[2013/07/18 13:36:35 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Subversion
[2014/10/29 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\SumatraPDF
[2013/07/17 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Synaptics
[2014/09/17 06:37:40 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\uTorrent
[2014/11/30 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2015/01/12 02:14:47 | 012,829,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2015/01/12 02:14:47 | 012,829,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2015/02/28 09:41:17 | 000,000,983 | ---- | M] () -- C:\WINDOWS\system32\bscs.ini
[2015/02/26 20:36:08 | 000,000,052 | ---- | M] () -- C:\WINDOWS\system32\DOErrors.log
[2015/02/28 09:41:24 | 000,003,620 | ---- | M] () -- C:\WINDOWS\system32\LOCALSERVICE.INI
[2015/02/28 09:42:03 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/10/23 16:21:34 | 006,501,656 | ---- | M] (Piriform Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/02/28 09:46:19 | 000,000,512 | ---- | M] () MD5=FECAA565BBD1FA9B1585896BBBDB857F -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010/10/08 11:10:04 | 000,000,254 | ---- | M] () -- \Program Files\MATLAB\R2013a\resources\pde\en\crackg.xml
[2001/02/09 12:03:10 | 000,000,483 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\crackb.m
[2012/08/20 20:10:46 | 000,002,865 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\crackg.m
[2005/03/07 12:35:58 | 000,000,091 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\ja\crackb.m
[2005/03/07 12:35:58 | 000,000,582 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\ja\crackg.m
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2009/06/23 22:49:54 | 000,009,839 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\AutoLoader.html
[2009/06/23 22:49:54 | 000,001,762 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\ByteLoader.html
[2009/06/23 22:49:58 | 000,018,176 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\DynaLoader.html
[2009/06/23 22:50:04 | 000,011,207 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\SelfLoader.html
[2009/06/23 22:50:06 | 000,001,769 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\XSLoader.html
[2009/06/23 22:48:56 | 000,011,013 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AutoLoader.pm
[2009/06/23 22:49:00 | 000,000,643 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\ByteLoader.pm
[2009/06/23 22:49:04 | 000,028,119 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\DynaLoader.pm
[2009/06/23 22:49:14 | 000,012,442 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\SelfLoader.pm
[2009/06/23 22:49:20 | 000,003,749 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\XSLoader.pm
[2009/06/23 22:55:10 | 000,028,758 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.dll
[2009/06/23 22:55:12 | 000,000,817 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.exp
[2009/06/23 22:55:12 | 000,002,212 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.lib
[2009/06/23 22:49:54 | 000,009,839 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\AutoLoader.html
[2009/06/23 22:49:54 | 000,001,762 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\ByteLoader.html
[2009/06/23 22:49:58 | 000,018,176 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\DynaLoader.html
[2009/06/23 22:50:04 | 000,011,207 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\SelfLoader.html
[2009/06/23 22:50:06 | 000,001,769 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\XSLoader.html
[2009/06/23 22:48:56 | 000,011,013 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AutoLoader.pm
[2009/06/23 22:49:00 | 000,000,643 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\ByteLoader.pm
[2009/06/23 22:49:04 | 000,028,119 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\DynaLoader.pm
[2009/06/23 22:49:14 | 000,012,442 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\SelfLoader.pm
[2009/06/23 22:49:20 | 000,003,749 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\XSLoader.pm
[2009/06/23 22:55:10 | 000,028,758 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.dll
[2009/06/23 22:55:12 | 000,000,817 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.exp
[2009/06/23 22:55:12 | 000,002,212 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.lib
[2008/03/18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2014/08/22 08:06:22 | 000,044,032 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\PyISAPI_loader.dll
[2014/08/22 08:06:22 | 000,008,704 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\pythoncomloader27.dll
[2013/10/05 01:38:22 | 000,131,752 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2013/10/04 18:26:04 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2014/09/02 23:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/09/02 23:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/09/17 08:46:25 | 002,475,832 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012/09/17 09:10:24 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2012/09/17 08:46:38 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2012/09/17 08:46:41 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2012/09/17 09:10:01 | 000,161,296 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2012/09/17 08:46:42 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2012/07/03 11:02:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\3DPhotoPlayer\Koan\pyloader.dll
[2012/07/19 11:05:52 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2012/07/19 11:05:54 | 000,028,238 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/19 11:05:54 | 000,121,968 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011/05/05 14:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/05 14:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/05 14:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2013/08/19 15:07:03 | 002,535,688 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2015/02/10 23:42:50 | 000,037,176 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
[2013/09/13 10:36:14 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Packages\jquery.mobile.1.2.0\content\Content\images\ajax-loader.gif
[2013/09/13 10:36:14 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v2.0\Packages\jquery.mobile.1.2.0\content\Content\images\ajax-loader.gif
[2013/10/05 01:38:22 | 000,042,768 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Design\Microsoft.LightSwitch.Design.Loader.dll
[2013/05/15 18:23:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Packages\jquery.mobile.1.3.0\Content\Content\Images\ajax-loader.gif
[2013/07/21 21:42:58 | 000,008,765 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Packages\Microsoft.LightSwitch.Client.JavaScript.Runtime.2.0.0.0\Content\Content\Images\msls-loader-dark.gif
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..\SearchScopes\{B3DC53AB-7CE7-4464-8484-17BA484C458A}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Marie\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.18.1_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll\1.2_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
O1 HOSTS File: ([2015/02/26 22:33:51 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: sharepoint.com ([vutbr] https in Trusted sites)
O15 - HKU\S-1-5-21-545057319-1825036704-3933542431-1001\..Trusted Domains: sharepoint.com ([vutbr-my] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BEA8B54-841D-4C56-853F-78499B4C54AA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6713E7E4-8B52-4B76-8577-83DA837CA25D}: DhcpNameServer = 40.23.1.201 40.23.1.202
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015/02/28 08:50:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2015/02/27 05:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015/02/25 06:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/02/15 19:46:35 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\Skype
[2015/02/15 19:46:05 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Skype
[2015/02/15 19:45:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/02/15 19:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/02/15 19:45:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/02/15 19:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015/02/12 15:41:44 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/02/11 21:21:02 | 000,788,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2015/02/11 21:20:59 | 001,487,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2015/02/11 21:20:54 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/02/11 21:20:54 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/02/11 21:20:54 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/02/11 21:20:53 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/02/11 21:20:53 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/02/11 21:20:45 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/02/11 11:50:51 | 007,472,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/02/11 11:50:51 | 001,733,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/02/11 11:50:51 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scesrv.dll
[2015/02/11 11:50:51 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scesrv.dll
[2015/02/11 11:50:50 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/02/11 11:50:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2015/02/11 11:50:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntvdm64.dll
[2015/02/11 11:50:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ntvdm64.dll
[2015/02/11 11:50:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/02/11 11:50:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\instnm.exe
[2015/02/11 11:50:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wow32.dll
[2015/02/11 11:50:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2015/02/11 11:50:49 | 001,762,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2015/02/11 11:50:48 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/02/11 11:50:47 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/02/11 11:50:37 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/02/11 11:50:36 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/02/11 11:50:35 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/02/11 11:50:34 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2015/02/11 11:50:34 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/02/11 11:50:34 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2015/02/11 11:50:33 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2015/02/11 11:50:33 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/02/11 11:50:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2015/02/11 11:50:32 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2015/02/11 11:50:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2015/02/11 11:50:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/02/11 11:50:29 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2015/02/11 11:50:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/02/11 11:50:21 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/02/09 19:13:32 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2015/02/05 17:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
[2015/02/05 17:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GeoGebra 5.0
[2015/02/03 17:32:21 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aspnet_counters.dll
[2015/02/03 17:32:10 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aspnet_counters.dll
[1 C:\Users\Marie\Desktop\*.tmp files -> C:\Users\Marie\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/02/28 09:46:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/02/28 09:41:28 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/02/28 09:41:24 | 000,003,620 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2015/02/28 09:41:17 | 000,000,983 | ---- | M] () -- C:\WINDOWS\SysWow64\bscs.ini
[2015/02/28 09:39:40 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForMarie.job
[2015/02/28 09:39:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/28 09:39:24 | 3345,604,608 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/28 08:50:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Desktop\OTL.exe
[2015/02/27 16:26:32 | 000,007,607 | ---- | M] () -- C:\Users\Marie\AppData\Local\Resmon.ResmonCfg
[2015/02/27 05:51:54 | 000,802,206 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2015/02/27 05:51:54 | 000,786,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/02/27 05:51:54 | 000,183,700 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2015/02/27 05:51:54 | 000,161,212 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/02/27 05:51:53 | 001,934,988 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/02/26 22:33:51 | 000,000,035 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015/02/25 12:53:30 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/25 06:55:36 | 005,202,926 | ---- | M] () -- C:\Users\Marie\Desktop\šimoníčková_dětské mše.pdf
[2015/02/25 06:14:21 | 000,159,753 | ---- | M] () -- C:\Users\Marie\Desktop\Pattern Bunny Fluff.pdf
[2015/02/24 12:06:18 | 000,092,620 | ---- | M] () -- C:\Users\Marie\Desktop\cesta na web.pdf
[2015/02/19 21:53:46 | 001,489,294 | ---- | M] () -- C:\Users\Marie\Desktop\Liturgika.pdf
[2015/02/17 16:39:15 | 000,261,209 | ---- | M] () -- C:\Users\Marie\Desktop\VELIKONOČNÍ SLEPIČKA.pdf
[2015/02/12 05:27:32 | 000,489,640 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/02/11 18:23:36 | 000,125,033 | ---- | M] () -- C:\Users\Marie\Desktop\kočka na krk.pdf
[2015/02/04 00:38:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/02/04 00:08:38 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/02/04 00:08:37 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/02/03 20:31:19 | 000,714,720 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/02/03 20:31:19 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/02/03 00:11:29 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/02/03 00:11:24 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/02/03 00:11:24 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[1 C:\Users\Marie\Desktop\*.tmp files -> C:\Users\Marie\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/02/28 08:55:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/02/25 10:34:34 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForMarie.job
[2015/02/25 06:55:33 | 005,202,926 | ---- | C] () -- C:\Users\Marie\Desktop\šimoníčková_dětské mše.pdf
[2015/02/25 06:14:19 | 000,159,753 | ---- | C] () -- C:\Users\Marie\Desktop\Pattern Bunny Fluff.pdf
[2015/02/24 12:06:06 | 000,092,620 | ---- | C] () -- C:\Users\Marie\Desktop\cesta na web.pdf
[2015/02/19 21:53:36 | 001,489,294 | ---- | C] () -- C:\Users\Marie\Desktop\Liturgika.pdf
[2015/02/17 16:39:14 | 000,261,209 | ---- | C] () -- C:\Users\Marie\Desktop\VELIKONOČNÍ SLEPIČKA.pdf
[2015/02/11 21:21:03 | 000,391,526 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/02/11 18:23:34 | 000,125,033 | ---- | C] () -- C:\Users\Marie\Desktop\kočka na krk.pdf
[2014/11/28 11:24:26 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/11/28 11:22:31 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/07/21 21:03:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2014/05/01 12:29:33 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/11/01 13:11:18 | 001,847,990 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/09/26 19:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 19:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 19:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 19:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 19:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/03 17:58:35 | 000,000,667 | ---- | C] () -- C:\WINDOWS\SysWow64\Settings.ini
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/17 19:14:55 | 000,003,620 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2013/08/17 19:14:55 | 000,000,043 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2013/07/17 18:44:42 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013/07/17 16:59:37 | 000,007,607 | ---- | C] () -- C:\Users\Marie\AppData\Local\Resmon.ResmonCfg
[2013/03/22 09:00:08 | 000,000,983 | ---- | C] () -- C:\WINDOWS\SysWow64\bscs.ini
========== ZeroAccess Check ==========
[2013/11/05 21:18:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/10/29 04:57:39 | 022,295,200 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/10/29 04:10:55 | 019,734,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/07/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\.minecraft
[2014/09/15 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\calibre
[2015/01/08 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/11/19 05:57:27 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\DAEMON Tools Lite
[2014/09/26 06:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\e-academy Inc
[2013/09/22 10:47:42 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Flood Light Games
[2015/02/09 19:13:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2014/05/29 05:11:59 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GHISLER
[2014/05/29 05:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\HewlettPackard
[2014/09/26 08:15:08 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\NuGet
[2013/09/22 10:45:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Oberon Media
[2013/07/18 07:05:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Philipp Winterberg
[2014/10/19 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz
[2013/07/18 07:46:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Softland
[2013/07/18 13:36:35 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Subversion
[2014/10/29 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\SumatraPDF
[2013/07/17 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Synaptics
[2014/09/17 06:37:40 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013/08/22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/11/01 13:08:59 | 000,000,264 | ---- | C] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
[2015/02/25 10:34:34 | 000,000,348 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForMarie.job
< >
< MD5 for: AGP440.SYS >
[2014/05/08 17:59:29 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 13:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/10/08 20:19:27 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys
< MD5 for: ATAPI.SYS >
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/05/08 18:02:33 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 12:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 13:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/05/08 21:01:12 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2014/11/28 22:34:15 | 000,018,016 | ---- | M] () MD5=14E1348B6D5DD39C23C2F8FE569B52E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\WINDOWS\SysNative\cryptsvc.dll
[2014/10/29 02:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=6324F0D18FB52833BA64BC828E29054C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.17415_none_670a944b6e8cc0e5\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2009/06/23 22:56:54 | 000,032,874 | ---- | M] () MD5=16D34E1EC42956262AA217352EC90597 -- C:\externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\SITE\LIB\AUTO\Win32\EventLog\EventLog.dll
[2009/06/23 22:56:54 | 000,032,874 | ---- | M] () MD5=16D34E1EC42956262AA217352EC90597 -- C:\externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\SITE\LIB\AUTO\Win32\EventLog\EventLog.dll
[2010/01/26 22:29:28 | 000,028,797 | ---- | M] () MD5=4571E750E4A920D773511F50A2E62A20 -- C:\Program Files\MATLAB\R2013a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
[2012/01/31 11:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files (x86)\CyberLink\PowerDirector10\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2014/10/08 20:27:35 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/10/08 21:35:13 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/05/08 20:39:18 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2013/11/30 15:45:30 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/11/28 22:46:04 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/10/29 04:10:54 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=4B37A33F4F5237BF02E537F8D12D1129 -- C:\Windows\SysWOW64\explorer.exe
[2014/10/29 04:10:54 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=4B37A33F4F5237BF02E537F8D12D1129 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/05/08 20:39:14 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/10/08 20:27:30 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/08 19:34:00 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/10/29 04:57:42 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=85D47EB257B06094F052E0C8AEFA3BEE -- C:\Windows\explorer.exe
[2014/10/29 04:57:42 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=85D47EB257B06094F052E0C8AEFA3BEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2013/11/30 15:53:14 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/12/19 21:42:27 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/10/08 21:35:08 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/08 19:33:57 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
< MD5 for: HAL.DLL >
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 03:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/10/08 20:29:47 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/15 17:14:15 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/05/08 19:35:26 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
< MD5 for: IASTORV.SYS >
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 13:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2014/05/08 17:59:30 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 13:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/10/08 20:19:27 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys
< MD5 for: LSASS.EXE >
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\WINDOWS\SysNative\lsass.exe
[2014/10/29 04:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) MD5=382100E75B6F4668AEAEF228C6CEFFAD -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.17415_none_2e769c84660bda1b\lsass.exe
[2014/11/28 22:53:59 | 000,008,089 | ---- | M] () MD5=3FFB8CD649DEDA6497FD97550BE82357 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe
< MD5 for: NDIS.SYS >
[2013/11/30 15:47:30 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/10/13 03:41:49 | 001,114,432 | ---- | M] (Microsoft Corporation) MD5=21FE65E2E67C4E31EE95CBD1F91C4B24 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014/10/13 03:41:49 | 001,114,432 | ---- | M] (Microsoft Corporation) MD5=21FE65E2E67C4E31EE95CBD1F91C4B24 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17399_none_4a0df8fdfc06c676\ndis.sys
[2014/02/28 19:02:41 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/05/08 20:11:25 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/11/28 23:07:06 | 000,162,319 | ---- | M] () MD5=A627B5D38300791075615FF3C8BB3991 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys
[2014/10/08 20:43:57 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
< MD5 for: NETLOGON.DLL >
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\WINDOWS\SysNative\netlogon.dll
[2014/10/29 02:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) MD5=02D117FC638B768BD1A15F8000B83EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_eec2b22a0bb75b53\netlogon.dll
[2014/05/08 20:52:14 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/12/19 21:00:04 | 000,125,384 | ---- | M] () MD5=45C2C2EA335BD7FF360C7F006B915766 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/12/19 21:54:23 | 000,105,907 | ---- | M] () MD5=B25E2DE4078511EB1747FA0BDB6E4FC5 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\SysWOW64\netlogon.dll
[2014/10/29 02:02:34 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=CCEC6CB98A00ECE7F5AFB9C0FC9427B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17415_none_f9175c7c40181d4e\netlogon.dll
[2014/05/08 20:17:08 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll
< MD5 for: NVRAID.SYS >
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 13:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 13:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys
< MD5 for: SCECLI.DLL >
[2014/12/19 21:53:38 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2014/11/28 23:23:07 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/10/29 02:23:16 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/10/29 02:01:41 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
< MD5 for: SMSS.EXE >
[2014/05/08 20:20:51 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 16:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe
< MD5 for: SVCHOST.EXE >
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2014/12/20 08:54:04 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014/12/19 21:00:23 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/10/29 04:17:51 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/10/29 05:11:20 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/02/28 19:04:11 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/10/08 20:57:21 | 000,445,462 | ---- | M] () MD5=19384DF1CE84A606FEF4C1E1A940CC89 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/03/15 17:17:30 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/08 20:23:32 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/10/29 04:52:15 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=468273F7089A3A33D149955F0F203FA4 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/10/29 04:52:15 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=468273F7089A3A33D149955F0F203FA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/10/08 20:57:32 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/10/08 20:57:26 | 000,446,400 | ---- | M] () MD5=96F67EB5FD0CF6809C15A9530C68A8B7 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/10/08 20:57:16 | 000,447,007 | ---- | M] () MD5=CBBC133323549D9091F012AE8B8A3BBA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2013/11/30 15:49:17 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/12/19 21:11:53 | 000,409,864 | ---- | M] () MD5=D0C41590A1BCB4C0BD592D8AB976FE2F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
[2014/11/18 20:30:05 | 000,241,540 | ---- | M] () MD5=E7D9CAEE2A6C4007CB85632A13D4EEF3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
< MD5 for: USERINIT.EXE >
[2014/12/19 21:15:30 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014/12/20 09:02:14 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/10/29 02:28:08 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/10/29 02:05:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/12/19 21:22:48 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/05/08 20:27:55 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/10/29 02:22:52 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
< MD5 for: WS2_32.DLL >
[2007/07/13 17:32:34 | 000,293,888 | ---- | M] (Microsoft Corporation) MD5=25A72E05F16F68846CFC74D0EAB6F459 -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\Ws2_32.dll
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\SysWOW64\ws2_32.dll
[2014/10/29 04:05:15 | 000,321,248 | ---- | M] (Microsoft Corporation) MD5=34E71A52A1BFA68411CAECCFB6D72F8C -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_87a41025e9b6078a\ws2_32.dll
[2007/07/13 20:47:04 | 000,755,200 | ---- | M] (Microsoft Corporation) MD5=385A1CDF1BDEE74F46358CE4CEB0E20F -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\IA64\Ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\WINDOWS\SysNative\ws2_32.dll
[2014/10/29 04:51:53 | 000,363,080 | ---- | M] (Microsoft Corporation) MD5=3A0B3B44C263DB1823360FF3E5C223CE -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.17415_none_e3c2aba9a21378c0\ws2_32.dll
[2014/12/20 13:18:43 | 000,062,052 | ---- | M] () MD5=58D09EFD883813FC9709A9D98A7209DF -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2007/07/13 21:07:38 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=C9D184998EA57BDA2B706A57A2353933 -- C:\Program Files\Microsoft SDKs\Windows\V6.1\NoRedist\x64\Ws2_32.dll
[2014/12/19 21:17:07 | 000,065,749 | ---- | M] () MD5=F77C96590EA4741EB62B0FBC7A9FFFE8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[34 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\Shared Memory\DSC\*.tmp files -> C:\WINDOWS\System32\Shared Memory\DSC\*.tmp -> ]
[1 C:\WINDOWS\SysWOW64\Shared Memory\DSC\*.tmp files -> C:\WINDOWS\SysWOW64\Shared Memory\DSC\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/07/17 19:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\.minecraft
[2015/01/08 21:56:57 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Adobe
[2013/07/17 14:33:20 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\ATI
[2014/09/15 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\calibre
[2015/01/08 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/01/26 19:01:09 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\CyberLink
[2014/11/19 05:57:27 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\DAEMON Tools Lite
[2014/09/26 06:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\e-academy Inc
[2013/09/22 10:47:42 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Flood Light Games
[2015/02/09 19:13:32 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GeoGebra 5.0
[2014/05/29 05:11:59 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\GHISLER
[2013/07/26 20:49:04 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Hewlett-Packard
[2014/05/29 05:01:58 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\HewlettPackard
[2013/07/26 20:40:38 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\hpqlog
[2013/11/01 14:20:18 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Identities
[2014/03/14 16:22:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\InstallShield
[2013/07/18 06:54:28 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Macromedia
[2014/02/18 18:43:11 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Malwarebytes
[2013/07/18 12:15:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\MathWorks
[2014/12/29 05:56:02 | 000,000,000 | --SD | M] -- C:\Users\Marie\AppData\Roaming\Microsoft
[2014/11/29 19:53:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Microsoft FxCop
[2014/09/19 19:11:12 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\MiKTeX
[2014/09/26 08:15:08 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\NuGet
[2013/09/22 10:45:56 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Oberon Media
[2013/07/18 07:05:29 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Philipp Winterberg
[2014/10/19 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Seznam.cz
[2015/02/28 09:38:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Skype
[2013/07/18 07:46:00 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Softland
[2013/07/18 13:36:35 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Subversion
[2014/10/29 20:57:26 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\SumatraPDF
[2013/07/17 14:33:15 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Synaptics
[2014/09/17 06:37:40 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\uTorrent
[2014/11/30 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2015/01/12 02:14:47 | 012,829,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2015/01/12 02:14:47 | 012,829,184 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2015/02/28 09:41:17 | 000,000,983 | ---- | M] () -- C:\WINDOWS\system32\bscs.ini
[2015/02/26 20:36:08 | 000,000,052 | ---- | M] () -- C:\WINDOWS\system32\DOErrors.log
[2015/02/28 09:41:24 | 000,003,620 | ---- | M] () -- C:\WINDOWS\system32\LOCALSERVICE.INI
[2015/02/28 09:42:03 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/10/23 16:21:34 | 006,501,656 | ---- | M] (Piriform Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/02/28 09:46:19 | 000,000,512 | ---- | M] () MD5=FECAA565BBD1FA9B1585896BBBDB857F -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010/10/08 11:10:04 | 000,000,254 | ---- | M] () -- \Program Files\MATLAB\R2013a\resources\pde\en\crackg.xml
[2001/02/09 12:03:10 | 000,000,483 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\crackb.m
[2012/08/20 20:10:46 | 000,002,865 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\crackg.m
[2005/03/07 12:35:58 | 000,000,091 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\ja\crackb.m
[2005/03/07 12:35:58 | 000,000,582 | ---- | M] () -- \Program Files\MATLAB\R2013a\toolbox\pde\ja\crackg.m
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2009/06/23 22:49:54 | 000,009,839 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\AutoLoader.html
[2009/06/23 22:49:54 | 000,001,762 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\ByteLoader.html
[2009/06/23 22:49:58 | 000,018,176 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\DynaLoader.html
[2009/06/23 22:50:04 | 000,011,207 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\SelfLoader.html
[2009/06/23 22:50:06 | 000,001,769 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\HTML\LIB\XSLoader.html
[2009/06/23 22:48:56 | 000,011,013 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AutoLoader.pm
[2009/06/23 22:49:00 | 000,000,643 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\ByteLoader.pm
[2009/06/23 22:49:04 | 000,028,119 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\DynaLoader.pm
[2009/06/23 22:49:14 | 000,012,442 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\SelfLoader.pm
[2009/06/23 22:49:20 | 000,003,749 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\XSLoader.pm
[2009/06/23 22:55:10 | 000,028,758 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.dll
[2009/06/23 22:55:12 | 000,000,817 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.exp
[2009/06/23 22:55:12 | 000,002,212 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\4.semestr\DIR4931\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.lib
[2009/06/23 22:49:54 | 000,009,839 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\AutoLoader.html
[2009/06/23 22:49:54 | 000,001,762 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\ByteLoader.html
[2009/06/23 22:49:58 | 000,018,176 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\DynaLoader.html
[2009/06/23 22:50:04 | 000,011,207 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\SelfLoader.html
[2009/06/23 22:50:06 | 000,001,769 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\HTML\LIB\XSLoader.html
[2009/06/23 22:48:56 | 000,011,013 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AutoLoader.pm
[2009/06/23 22:49:00 | 000,000,643 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\ByteLoader.pm
[2009/06/23 22:49:04 | 000,028,119 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\DynaLoader.pm
[2009/06/23 22:49:14 | 000,012,442 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\SelfLoader.pm
[2009/06/23 22:49:20 | 000,003,749 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\XSLoader.pm
[2009/06/23 22:55:10 | 000,028,758 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.dll
[2009/06/23 22:55:12 | 000,000,817 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.exp
[2009/06/23 22:55:12 | 000,002,212 | ---- | M] () -- \externi\G#(FAT32 1)_000\externi\4.semsetr\ABIN\Bioinformatika\Perl\LIB\AUTO\ByteLoader\ByteLoader.lib
[2008/03/18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2014/08/22 08:06:22 | 000,044,032 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\PyISAPI_loader.dll
[2014/08/22 08:06:22 | 000,008,704 | R--- | M] () -- \Program Files (x86)\Calibre2\DLLs\pythoncomloader27.dll
[2013/10/05 01:38:22 | 000,131,752 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2013/10/04 18:26:04 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2014/09/02 23:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/09/02 23:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/09/17 08:46:25 | 002,475,832 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012/09/17 09:10:24 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2012/09/17 08:46:38 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2012/09/17 08:46:41 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2012/09/17 09:10:01 | 000,161,296 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2012/09/17 08:46:42 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2012/07/03 11:02:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\3DPhotoPlayer\Koan\pyloader.dll
[2012/07/19 11:05:52 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2012/07/19 11:05:54 | 000,028,238 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/19 11:05:54 | 000,121,968 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011/05/05 14:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/05 14:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/05 14:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2013/08/19 15:07:03 | 002,535,688 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2015/02/10 23:42:50 | 000,037,176 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
[2013/09/13 10:36:14 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Packages\jquery.mobile.1.2.0\content\Content\images\ajax-loader.gif
[2013/09/13 10:36:14 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET Web Pages\v2.0\Packages\jquery.mobile.1.2.0\content\Content\images\ajax-loader.gif
[2013/10/05 01:38:22 | 000,042,768 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Design\Microsoft.LightSwitch.Design.Loader.dll
[2013/05/15 18:23:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Packages\jquery.mobile.1.3.0\Content\Content\Images\ajax-loader.gif
[2013/07/21 21:42:58 | 000,008,765 | ---- | M] () -- \Program Files (x86)\Microsoft SDKs\LightSwitch\v4.0\Packages\Microsoft.LightSwitch.Client.JavaScript.Runtime.2.0.0.0\Content\Content\Images\msls-loader-dark.gif
Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Ja pouzivam uz radu let Avast free. 