VIRY.CZ

Tak nevím co vlastně si představit pod slovem normál

přece jen mám notebook už nějakej ten rok. Ovšem pokud na mě máte čas, rad to vyčistím důkladněji

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Tak mě to hlásí hlášku
"Cannot create file C:\Users\PC\Desktop\cmd.bat"

dal jsem OK ale nic se neděje. Vespod je řádek

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CurrentVersion\Run\CCleaner Monitoring...

nevím jestli sem něco udělal blbě...

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Já už jsem se leknul že jsem něco pokazil

, zde jsou logy:

OTL:

OTL logfile created on: 17.5.2015 15:39:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,44 Gb Available Physical Memory | 48,16% Memory free
5,98 Gb Paging File | 4,04 Gb Available in Paging File | 67,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 128,04 Gb Free Space | 54,98% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 0,32 Gb Free Space | 0,14% Space Free | Partition Type: NTFS

Computer Name: PC-T | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.05.17 13:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
PRC - [2015.05.15 20:42:02 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015.05.11 20:02:20 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.05.01 20:10:42 | 001,533,160 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2015.04.24 18:49:04 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.04.24 18:47:58 | 003,207,800 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
PRC - [2015.04.24 18:47:49 | 000,107,448 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014.10.31 21:48:59 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.04.30 05:53:00 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013.04.30 05:52:26 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.06.08 08:53:32 | 001,057,408 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.10 10:25:42 | 001,546,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
PRC - [2011.02.10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010.02.05 18:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2010.02.05 18:40:44 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009.10.28 12:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.10.02 14:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.09.30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

========== Modules (No Company Name) ==========

MOD - [2015.05.15 21:37:59 | 001,669,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\12dc10e5c0e8d176cf21a16a6fc5fc3b\Microsoft.VisualBasic.ni.dll
MOD - [2015.05.15 21:37:45 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\63e9d5c341d64a753cde97f5a3d65c71\System.Core.ni.dll
MOD - [2015.05.15 21:36:16 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\c2911165184a56d6290dc782efa022b3\WindowsFormsIntegration.ni.dll
MOD - [2015.05.13 21:16:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3eb55fa5864a2fc7accbbbbe7fa7246\PresentationFramework.Aero.ni.dll
MOD - [2015.05.13 21:16:03 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ea543310204d0addfaf9792d820e958d\PresentationFramework.ni.dll
MOD - [2015.05.13 21:15:48 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
MOD - [2015.05.13 21:15:40 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\2c7ef3683326a24dd7ea93cf3e1bc884\UIAutomationProvider.ni.dll
MOD - [2015.05.13 21:15:39 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015.05.13 21:15:37 | 012,254,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef204c8310562595a0518e356fb15387\PresentationCore.ni.dll
MOD - [2015.05.13 21:15:26 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1c3513960037508558358652f2d202a1\WindowsBase.ni.dll
MOD - [2015.05.13 20:54:27 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\716ee14dc9aafde2b5f7f387d842661d\System.ServiceProcess.ni.dll
MOD - [2015.05.13 20:54:16 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\21f876e85bfaa433a999a410eda373bc\System.Web.ni.dll
MOD - [2015.05.13 20:53:19 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
MOD - [2015.04.24 18:49:22 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.04.24 18:49:07 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.04.15 20:30:48 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2015.03.15 10:58:59 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.11.01 13:19:33 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.11.01 13:19:11 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.11.01 13:18:42 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.07.08 14:43:43 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013.06.18 16:49:28 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2013.04.30 00:08:08 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012.09.23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2010.11.05 03:53:44 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.02.05 18:40:28 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

========== Services (SafeList) ==========

SRV - [2015.05.17 11:44:12 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.05.15 20:42:02 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.04.27 21:05:39 | 000,851,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.04.24 18:49:04 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015.04.24 18:47:58 | 003,207,800 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2015.04.24 18:47:49 | 000,107,448 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2015.04.21 17:58:44 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015.02.12 22:36:45 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.30 05:52:26 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.02.10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.02.05 18:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.09.30 20:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 20:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ar80488d)
DRV - [2015.04.24 18:49:43 | 000,427,992 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2015.04.24 18:49:43 | 000,209,048 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.04.24 18:49:43 | 000,106,912 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2015.04.24 18:49:42 | 000,081,728 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2015.04.24 18:49:42 | 000,074,976 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.04.24 18:49:42 | 000,049,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.04.24 18:49:42 | 000,024,144 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.04.24 18:48:41 | 000,787,760 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015.04.24 18:48:40 | 000,026,096 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2015.04.24 18:47:58 | 000,220,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2015.04.24 18:47:50 | 000,271,248 | ---- | M] (Avast Software s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV - [2014.12.21 18:13:07 | 000,320,120 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2014.10.29 19:45:29 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014.06.21 19:00:20 | 000,077,824 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2013.04.30 06:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013.04.30 06:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013.04.30 04:47:52 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.06.20 10:07:08 | 001,117,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.10.26 13:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009.09.22 18:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.09.17 13:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.07.30 22:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2009.07.30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009.07.24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009.07.14 17:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009.07.14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.06.22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.06.19 20:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.05.20 19:04:40 | 000,157,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\..\SearchScopes\{2C61EBED-03D9-4B67-986E-C64331FEB57A}: "URL" = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.hiddenOneOffs: "Google,Seznam,HeurĂ©ka,Mapy.cz,SluneÄŤnice,Wikipedie (cs)"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.centrum.cz"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.2.0.187
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.04.24 18:48:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.10.29 00:42:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\Mozilla\Extensions
[2015.04.01 19:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\btadotgi.default\extensions
[2015.04.01 19:04:24 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\btadotgi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.05.16 21:53:44 | 000,002,200 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\btadotgi.default\searchplugins\heurekacz.xml
[2015.05.15 20:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.05.15 20:42:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.04.24 18:48:47 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2015.05.17 11:13:02 | 000,000,035 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-21-808673984-1327769900-1736563967-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{043E006D-E028-4443-8A54-BB039C334335}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.05.17 13:04:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
[2015.05.15 20:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015.05.13 21:06:35 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015.05.13 20:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015.05.13 20:50:17 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015.05.13 19:59:39 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.05.13 19:59:39 | 001,250,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015.05.13 19:59:27 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.05.13 19:59:27 | 000,851,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015.05.13 19:59:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015.05.13 19:59:26 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.05.13 19:59:26 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015.05.13 19:59:26 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.05.13 19:59:26 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015.05.13 19:59:25 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.05.13 19:59:25 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.05.13 19:59:25 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.05.13 19:59:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015.05.13 19:59:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.05.13 19:59:25 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015.05.13 19:59:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.05.13 19:59:25 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015.05.13 19:59:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015.05.13 19:59:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.05.13 19:59:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.05.13 19:59:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.05.13 19:59:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.05.13 19:59:11 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.05.13 19:59:11 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.05.13 19:59:11 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.05.13 19:59:11 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.05.13 19:59:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.05.13 19:59:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.05.13 19:59:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.05.13 19:59:10 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.05.13 19:59:10 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.05.13 19:59:10 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.05.13 19:59:10 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.05.13 19:59:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.05.13 19:59:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.05.13 19:59:09 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.05.13 19:59:09 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.05.13 19:59:09 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.05.13 19:59:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.05.13 19:59:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.05.13 19:59:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.05.13 19:59:06 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.05.13 19:59:05 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.05.13 19:59:04 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.05.13 19:59:04 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.05.13 19:59:01 | 004,305,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.05.13 19:57:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2015.05.13 19:57:53 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2015.05.13 19:57:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2015.05.13 19:57:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015.05.03 11:26:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\HpUpdate
[2015.05.03 11:26:43 | 000,580,712 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\HPDiscoPM5B12.dll
[2015.05.03 11:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2015.05.03 11:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2015.05.03 11:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2015.05.03 11:24:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\HP
[2015.05.03 09:41:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\ABBYY
[2015.05.03 09:41:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
[2015.05.03 09:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint
[2015.05.03 09:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2015.05.03 09:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY
[2015.05.03 09:36:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Epson
[2015.05.03 09:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2015.05.03 09:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2015.05.03 09:34:28 | 000,262,144 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esintdd.dll
[2015.05.03 09:34:28 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe
[2015.05.03 09:34:28 | 000,076,288 | ---- | C] (Seiko Epson Corporation.) -- C:\Windows\System32\esw2_dd.dll
[2015.05.03 09:34:28 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\escdev.dll
[2015.05.03 09:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2015.05.03 09:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2015.04.24 18:49:52 | 000,291,312 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\System32\aswBoot.exe
[2015.04.24 18:49:24 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.04.24 18:47:50 | 000,271,248 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswNdisFlt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.05.17 15:42:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.05.17 15:34:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.05.17 15:08:07 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.17 15:08:07 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.17 13:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\OTL.exe
[2015.05.17 11:45:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.05.17 11:45:31 | 2407,743,488 | -HS- | M] () -- C:\hiberfil.sys
[2015.05.17 11:44:12 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.05.17 11:44:12 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.05.17 11:13:02 | 000,000,035 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015.05.16 22:20:47 | 000,668,792 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.05.16 22:20:47 | 000,654,140 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.05.16 22:20:47 | 000,141,420 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.05.16 22:20:47 | 000,122,012 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.05.13 21:13:34 | 000,412,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.05.03 11:35:51 | 000,000,323 | ---- | M] () -- C:\Users\PC\Desktop\Diagnostické nástroje pro tiskárny HP.url
[2015.05.03 11:26:42 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\HP Officejet Pro 8100.lnk
[2015.05.03 11:26:42 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Zakoupit spotřební materiál - HP Officejet Pro 8100.lnk
[2015.05.03 11:25:39 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2015.05.03 09:40:09 | 000,002,414 | ---- | M] () -- C:\Users\Public\Desktop\Epson Uživatelská příručka EPSON Perfection V370 Photo.lnk
[2015.05.03 09:34:28 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2015.05.01 15:16:41 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015.04.27 21:11:55 | 003,934,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.04.27 21:11:54 | 003,989,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.04.27 21:05:39 | 000,851,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015.04.27 21:05:34 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015.04.27 21:05:33 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.04.27 21:05:32 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.04.27 21:05:17 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.04.27 21:04:37 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.04.27 21:04:24 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015.04.27 21:04:24 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015.04.27 21:04:14 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.04.27 21:04:12 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015.04.27 21:04:04 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015.04.27 21:03:58 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015.04.27 21:03:52 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.04.27 21:01:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.04.27 21:01:22 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.04.27 20:59:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.04.27 20:59:36 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.04.27 20:00:30 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015.04.26 09:13:50 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.04.24 18:49:43 | 000,427,992 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswSP.sys
[2015.04.24 18:49:43 | 000,209,048 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2015.04.24 18:49:43 | 000,106,912 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswStm.sys
[2015.04.24 18:49:42 | 000,081,728 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswRdr2.sys
[2015.04.24 18:49:42 | 000,074,976 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015.04.24 18:49:42 | 000,049,904 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2015.04.24 18:49:42 | 000,024,144 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2015.04.24 18:49:25 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.04.24 18:49:24 | 000,291,312 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\aswBoot.exe
[2015.04.24 18:48:41 | 000,787,760 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswSnx.sys
[2015.04.24 18:48:40 | 000,026,096 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswKbd.sys
[2015.04.24 18:47:50 | 000,271,248 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\System32\drivers\aswNdisFlt.sys
[2015.04.22 03:48:29 | 000,342,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.04.21 18:25:34 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.04.21 18:25:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.04.21 18:11:07 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.04.21 18:10:12 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.04.21 18:09:57 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.04.21 18:08:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.04.21 18:03:16 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.04.21 18:02:29 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.04.21 18:00:06 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.04.21 17:58:45 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.04.21 17:58:44 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.04.21 17:57:57 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.04.21 17:51:54 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.04.21 17:48:45 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.04.21 17:43:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.04.21 17:39:32 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.04.21 17:36:40 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.04.21 17:31:13 | 004,305,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.04.21 17:26:27 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.04.21 17:26:01 | 000,685,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.04.21 17:25:45 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.04.21 17:24:48 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.04.21 16:56:39 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.04.20 04:56:29 | 001,250,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015.04.20 04:03:22 | 002,382,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.05.17 13:07:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.05.17 11:44:13 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.05.03 11:35:51 | 000,000,323 | ---- | C] () -- C:\Users\PC\Desktop\Diagnostické nástroje pro tiskárny HP.url
[2015.05.03 11:26:42 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet Pro 8100.lnk
[2015.05.03 11:26:42 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Zakoupit spotřební materiál - HP Officejet Pro 8100.lnk
[2015.05.03 11:25:39 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2015.05.03 09:36:53 | 000,002,414 | ---- | C] () -- C:\Users\Public\Desktop\Epson Uživatelská příručka EPSON Perfection V370 Photo.lnk
[2015.05.03 09:34:28 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfwdd.bin
[2015.05.03 09:34:28 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014.10.30 20:08:46 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014.10.29 01:55:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014.10.29 01:54:29 | 002,140,976 | ---- | C] () -- C:\Windows\System32\SStudio.dll
[2014.10.29 01:54:27 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2014.10.29 01:54:23 | 001,099,203 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014.10.29 01:53:55 | 000,029,496 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2014.10.29 01:53:54 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2014.10.29 00:31:30 | 000,209,048 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.10.29 00:31:30 | 000,049,904 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.10.29 00:31:30 | 000,024,144 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014.10.29 00:06:21 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2014.10.28 23:54:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2014.10.28 23:42:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.11.03 20:05:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AC3Filter
[2014.10.29 00:32:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2015.03.08 11:13:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2015.05.03 17:03:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Epson
[2015.02.08 10:44:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2014.10.29 01:14:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\rmi
[2014.11.08 17:54:43 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Steam
[2014.10.30 20:17:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Toshiba
[2014.10.30 00:53:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Wargaming.net
[2014.10.29 00:44:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinBatch
[2014.10.30 19:59:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2014.12.29 22:45:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2015.05.17 11:44:13 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\SoftwareDistribution\Download\b30857111daf421dcc02ef6356b7b370\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2014.10.31 21:49:13 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\SoftwareDistribution\Download\b30857111daf421dcc02ef6356b7b370\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2014.10.31 21:49:13 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.07.16 04:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.11.03 20:05:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AC3Filter
[2015.01.02 17:34:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Adobe
[2014.10.29 00:16:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ATI
[2014.10.29 00:32:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AVAST Software
[2015.03.08 11:13:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2015.05.03 17:03:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Epson
[2014.10.29 19:33:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FastStone
[2015.02.08 10:44:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2014.10.29 00:17:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Google
[2014.10.29 01:16:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GRETECH
[2015.05.10 11:42:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\HpUpdate
[2014.10.29 00:15:56 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Identities
[2015.03.01 11:10:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\InstallShield
[2014.10.29 00:16:19 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Intel Corporation
[2009.12.09 16:00:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Macromedia
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Center Programs
[2015.05.03 11:35:39 | 000,000,000 | --SD | M] -- C:\Users\PC\AppData\Roaming\Microsoft
[2014.10.29 00:42:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mozilla
[2014.10.29 20:05:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Nero
[2014.10.29 01:14:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\rmi
[2014.11.08 17:54:43 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Steam
[2014.10.30 20:17:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Toshiba
[2014.10.30 00:53:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Wargaming.net
[2014.10.29 02:00:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Winamp
[2014.10.29 00:44:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinBatch
[2014.10.30 19:59:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2014.10.29 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinRAR
[2014.12.29 22:45:21 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2014.10.02 07:31:16 | 001,922,152 | ---- | M] (Gretech Corporation) -- C:\Users\PC\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2009.11.11 03:14:22 | 000,038,208 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2015.05.03 11:35:39 | 000,010,134 | R--- | M] () -- C:\Users\PC\AppData\Roaming\Microsoft\Installer\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}\ARPPRODUCTICON.exe
[2012.11.26 20:11:13 | 000,690,983 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Nero\Uninstall.exe
[2014.10.29 01:15:08 | 013,306,312 | ---- | M] (Gretech Corporation) -- C:\Users\PC\AppData\Roaming\rmi\gomplayerensetup_2.26.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.05.17 15:34:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.05.17 15:08:07 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.17 15:08:07 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.17 11:44:12 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2015.05.17 11:44:12 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2015.05.17 11:45:49 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2015.05.16 22:20:47 | 000,141,420 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2015.05.16 22:20:47 | 000,122,012 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2015.05.16 22:20:47 | 000,668,792 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2015.05.16 22:20:47 | 000,654,140 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2015.05.16 22:20:47 | 001,583,226 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2014.09.17 13:48:49 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb

< *keygen* /s >
[2014.12.26 04:29:50 | 000,124,483 | R--- | M] () -- \Users\PC\Documents\Instalované PROGRAMY (2014)\Adobe Lightroom 5.7.1\Adobe.Photoshop.Lightroom.v5.7.1.Multilingual.x64.Incl.Keymaker-CORE\keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[2014.09.17 13:48:49 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2015.02.05 16:49:34 | 000,001,512 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.09.17 13:48:49 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.09.17 13:48:49 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.09.17 13:48:49 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2015.04.16 02:09:10 | 000,006,425 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.09.17 13:48:49 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.12.17 23:37:39 | 000,001,489 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.12.17 23:37:39 | 000,006,757 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2015.04.16 02:09:10 | 000,011,886 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\remotedatadownloader.pyc
[2014.12.17 23:37:39 | 000,003,419 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2015.02.05 16:49:34 | 000,007,603 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2015.04.16 02:09:10 | 000,011,336 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.04.16 02:09:10 | 000,049,402 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\test\test_loader.pyc
[2014.12.02 17:00:58 | 000,078,336 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2014.12.02 17:00:58 | 000,155,136 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2014.12.02 17:00:58 | 000,117,248 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\Helpers\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2015.04.04 21:30:09 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Officejet Pro 8100\Bin\HelpViewer\Resources\Loader.gif
[2009.07.17 14:47:26 | 000,135,168 | ---- | M] () -- \Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TosDVDTopoLoader.dll
[2014.12.08 14:40:30 | 000,148,992 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Facebook\ZPSPluginLoader.exe
[2014.07.11 13:19:32 | 000,446,464 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 13:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Plugins\Picasa\ZPSPluginLoader.exe
[2014.12.19 19:38:02 | 000,104,152 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Program32\8bfLoader.exe
[2014.12.19 19:38:08 | 000,044,248 | ---- | M] () -- \Program Files\Zoner\Photo Studio 17\Program32\WICLoader.exe
[2014.11.09 12:02:22 | 000,891,224 | ---- | M] () -- \Users\PC\Documents\Instalované PROGRAMY (2014)\amddriverdownloader.exe
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\35b8ab475f97c94a8377dea1daeca5a8\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\35b8ab475f97c94a8377dea1daeca5a8\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\35b8ab475f97c94a8377dea1daeca5a8\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\35b8ab475f97c94a8377dea1daeca5a8\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:40:09 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_da-dk_d2e8aba76acb61b8.manifest
[2015.04.27 21:34:18 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_de-de_d01440e36ca1b652.manifest
[2015.04.27 21:38:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_el-gr_78aa6e765bb71ee0.manifest
[2015.04.27 21:04:39 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_790516dc5b7fc217.manifest
[2015.04.27 21:34:35 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_es-es_78d073c05ba6b3bc.manifest
[2015.04.27 21:38:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_fi-fi_17eb786d50c0a5e6.manifest
[2015.04.27 21:37:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_fr-fr_1b87e9bf4e78ca1e.manifest
[2015.04.27 21:41:50 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_hu-hu_62f86a0732d8993a.manifest
[2015.04.27 21:40:53 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_it-it_05afe00625aaaf9c.manifest
[2015.04.27 21:38:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ja-jp_a7d55f1318c5c177.manifest
[2015.04.27 21:35:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ko-kr_4b3f3bc80b36888d.manifest
[2015.04.27 21:39:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_nb-no_33d1bcfce35bb449.manifest
[2015.04.27 21:41:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_nl-nl_3211083ae487be1e.manifest
[2015.04.27 21:39:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pl-pl_784d62bcc9aa2bd2.manifest
[2015.04.27 21:34:15 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pt-br_7aa14d60c833bfb6.manifest
[2015.04.27 21:42:18 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pt-pt_7b831cccc7a32f92.manifest
[2015.04.27 21:43:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ru-ru_c2262e90ac84bdbe.manifest
[2015.04.27 21:41:00 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_sv-se_5e211905a3adc819.manifest
[2015.04.27 21:40:46 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_tr-tr_072e634c9269ca0a.manifest
[2015.04.27 21:36:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-cn_d88b814a42a19c29.manifest
[2015.04.27 21:30:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-hk_d73679d8437d0eb9.manifest
[2015.04.27 21:36:44 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-tw_dc87bea040127899.manifest
[2015.04.27 21:40:57 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_43a1a26cafa21b15.manifest
[2015.04.27 21:40:08 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_da-dk_e0db8293a5e81714.manifest
[2015.04.27 21:34:00 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_de-de_de0717cfa7be6bae.manifest
[2015.04.27 21:38:50 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_el-gr_869d456296d3d43c.manifest
[2015.04.27 21:04:28 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_86f7edc8969c7773.manifest
[2015.04.27 21:34:22 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_es-es_86c34aac96c36918.manifest
[2015.04.27 21:38:31 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_fi-fi_25de4f598bdd5b42.manifest
[2015.04.27 21:37:44 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_fr-fr_297ac0ab89957f7a.manifest
[2015.04.27 21:41:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_hu-hu_70eb40f36df54e96.manifest
[2015.04.27 21:39:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_it-it_13a2b6f260c764f8.manifest
[2015.04.27 21:38:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ja-jp_b5c835ff53e276d3.manifest
[2015.04.27 21:35:30 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ko-kr_593212b446533de9.manifest
[2015.04.27 21:39:22 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_nb-no_41c493e91e7869a5.manifest
[2015.04.27 21:40:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_nl-nl_4003df271fa4737a.manifest
[2015.04.27 21:38:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pl-pl_864039a904c6e12e.manifest
[2015.04.27 21:34:04 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pt-br_8894244d03507512.manifest
[2015.04.27 21:41:40 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_pt-pt_8975f3b902bfe4ee.manifest
[2015.04.27 21:43:18 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_ru-ru_d019057ce7a1731a.manifest
[2015.04.27 21:40:11 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_sv-se_6c13eff1deca7d75.manifest
[2015.04.27 21:39:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_tr-tr_15213a38cd867f66.manifest
[2015.04.27 21:36:31 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-cn_e67e58367dbe5185.manifest
[2015.04.27 21:30:31 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-hk_e52950c47e99c415.manifest
[2015.04.27 21:36:35 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_zh-tw_ea7a958c7b2f2df5.manifest
[2015.04.27 21:17:33 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\de605e3b944f78d90e8db6549a348e49\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_425aebb8e2132918.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.11.02 15:09:28 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2015.03.16 22:15:41 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.03.16 22:15:41 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2015.03.16 22:15:41 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2015.03.16 22:15:50 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.03.16 22:15:51 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2015.03.16 22:15:51 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.13 21:05:37 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2015.02.03 05:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_352654f75b66aedd.manifest
[2014.12.13 03:50:10 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_35e2355e745d8d6b.manifest
[2015.01.13 00:09:15 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_35c59380747413ec.manifest
[2015.01.16 08:24:33 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_35c794147472469a.manifest
[2015.01.27 06:12:13 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_35b1f43c74827e7c.manifest
[2015.02.03 06:04:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_35b6f5ae747dfd2f.manifest
[2015.03.17 07:30:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_35dc0bc4746328a3.manifest
[2015.04.27 21:41:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_35aecb80748565b9.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015.02.03 05:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2014.12.12 08:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015.01.12 05:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 08:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.01.27 05:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015.02.03 05:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 07:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.04.27 21:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:47:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:48:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:47:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:48:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:47:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:48:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:47:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.31 21:48:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2015.04.16 02:09:10 | 000,005,785 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[2015.04.15 23:18:10 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.dll
[2015.05.13 20:55:23 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.02.08 07:14:40 | 000,000,039 | ---- | M] () -- \Users\PC\Documents\Instalované PROGRAMY (2014)\Nero Micro 12.0.02900\Nero Micro 12.0.02900 (Serial).txt
[2013.10.04 17:40:24 | 000,000,029 | ---- | M] () -- \Users\PC\Documents\Instalované PROGRAMY (2014)\Zoner 16.3\Zoner Photo Studio Professional 16.3 CZ\Serial Key.txt
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.07.08 14:45:28 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.11.01 13:19:47 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.11.01 13:21:15 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2015.03.05 23:19:25 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015.03.05 23:19:25 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015.03.05 23:21:45 | 002,855,424 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
[2015.03.05 23:21:45 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll.aux
[2015.03.06 19:46:04 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015.03.06 19:46:04 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2014.04.12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll.x86
[2014.04.12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\65FC11932FE9AB9348A62CB73DDC6058\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2014.04.12 01:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014.04.12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014.04.12 01:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.04.12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 02:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.04.12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014.04.12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 02:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014.04.12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014.04.12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014.04.12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014.04.12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014.04.12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014.04.12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.04.12 01:48:40 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.04.12 01:48:40 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 10:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2009.07.14 10:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2014.07.02 08:50:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 05:14:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014.07.02 22:15:55 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 05:04:07 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 10:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2013.07.08 14:45:28 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2013.07.08 14:45:28 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2013.07.09 08:47:35 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2013.07.09 08:47:35 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 10:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_c227ede109a14864\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_c2a4bc1222c8ce98\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 10:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 10:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2009.07.14 10:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 17.5.2015 15:39:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,99 Gb Total Physical Memory | 1,44 Gb Available Physical Memory | 48,16% Memory free
5,98 Gb Paging File | 4,04 Gb Available in Paging File | 67,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 128,04 Gb Free Space | 54,98% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 0,32 Gb Free Space | 0,14% Space Free | Partition Type: NTFS

Computer Name: PC-T | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-808673984-1327769900-1736563967-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06323AB4-E9EF-4531-BAAC-B97E40DCAF3B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0880B61F-8C6C-458E-BDCB-4CCB6200978A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E12131C-FB02-4800-94F0-E7BD6ACE637E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{127DAA2C-0580-4C2B-A71D-0CF0E9FF752E}" = lport=138 | protocol=17 | dir=in | app=system |
"{1FAA01AE-3E6D-45A3-8CB9-6800A917F0B3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{397818F3-24DD-4188-AC4A-C7E2CF55C3C0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5F34F87A-870C-464E-99DD-7AE0157CE882}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66AB12A9-3FA1-4334-A7A6-AE17FEF7C087}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A2FA700-147E-4984-8756-5AA848844C90}" = lport=139 | protocol=6 | dir=in | app=system |
"{7232FD35-C40A-4AA7-BC32-E8CFCF824E93}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7F17A7E8-8CF3-4E5F-B8E5-6B4397A93FE7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B432E97-A4AE-48CB-8AF1-82943CCA9AB5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9BE1100D-1CC6-4612-97C5-C4B7DBAB92E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A5486556-A2A2-487E-9EF3-0E51C0055260}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B0FA4100-EE77-43BF-B3D4-6E007B9016C6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C0FA337C-91AB-4D31-90E5-87CEB2E4EAA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1956273-A46D-4FEF-A0A3-3D9202E64068}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C707187E-3C4F-4DC0-A615-83A51D39D331}" = rport=137 | protocol=17 | dir=out | app=system |
"{C861BC20-ECC9-44A4-9152-65A6B51FBDB6}" = rport=445 | protocol=6 | dir=out | app=system |
"{D1D332CA-349C-4337-9A67-5A36F3D65B16}" = lport=137 | protocol=17 | dir=in | app=system |
"{D4EDFEF3-AD6D-40CF-B113-2DBDD6B4F29A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3AD14CA-FF8E-4B14-A1A3-10418C202000}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E5C2AE18-7260-45AD-8BF1-B5106A2A2DAA}" = lport=445 | protocol=6 | dir=in | app=system |
"{EB34DFC3-8808-4CB4-9203-BAE1086E5344}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ED8DFF7D-C523-4853-8DC2-731615D2CAE8}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{088BD836-C627-451B-8D6F-8E47F958C7E0}" = protocol=6 | dir=out | app=system |
"{1DD728BB-D456-40C2-B374-88500A8A7BEF}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{1E400E96-1776-4EDE-97ED-227357060D40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2F21C438-C966-4A99-BD42-C62A63EEE324}" = dir=in | app=c:\program files\hp\hp officejet pro 8100\bin\hpnetworkcommunicator.exe |
"{3194E26B-6D9A-4BA7-83CE-E6E38B5C47C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3512C93F-3AA7-4322-8E56-89CD2C6619E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{356BFF6A-2688-4B7C-9CC3-2F437EC4F6E7}" = dir=in | app=c:\program files\zoner\photo studio 17\program32\mediaserver.exe |
"{4A326F84-BB92-45D0-A624-7A24E90FE070}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A55CC92-1C13-4126-A62A-01F6C829ECA4}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{5029AAAE-BF59-4813-86E1-F1B7891EEB02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5092415E-BCDB-4B6A-9899-6485F00B90CD}" = dir=in | app=c:\program files\hp\hp officejet pro 8100\bin\devicesetup.exe |
"{53264642-0D88-4147-BE29-F2918BC7C4A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54A2D205-538A-4401-9B2E-6B0B006D64F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B1A0149-F960-4522-B8F7-A74919DB3AE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{675CF125-4D96-4E75-8211-7735C4C95022}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{745970A4-B0D8-47BF-84F5-ABDD0EF99B04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{843C78C3-E18F-4518-9E7B-2561EFE5F1BF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{850AB606-567F-4D54-8C38-D9B4A32BB651}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{92BA23EC-9931-4173-BF6C-21EE4BF3FECA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{92CEE08B-50D9-4AA4-84DE-5D71E11D97EB}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"{9BC60D6C-007D-4D23-8A93-EF374B08D399}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{9E752F9C-7D48-4340-B16D-CF13B250F120}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A665D71C-2B63-42E0-9BE6-17EB0F79BFFD}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"{B0902B6C-8469-4B39-B726-F53581E35C3C}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{B3B80E3B-1B1D-44C8-9A51-F05C815CAB25}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C0DCC3AE-5197-4EA9-9D6C-53018B2F9706}" = dir=in | app=c:\program files\hp\hp officejet pro 8100\bin\hpnetworkcommunicatorcom.exe |
"{E1219AB8-F7FA-480A-BDA8-093FE1D900E7}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{E126B3C2-47D3-435D-BF5E-C3F885B8CC84}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E25A8B65-5AFA-4AFB-9257-D85662FB3E73}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{A51F2A87-3F04-45D7-9781-A065C40F56CE}C:\Games\World_of_Tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{6ACB7CE0-8A98-4DD0-90F1-3D9C25EC50B4}C:\Games\World_of_Tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{02F2BA99-3AFA-F0E6-969B-E6443A469967}" = Catalyst Control Center InstallProxy
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}" = Cisco PEAP Module
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{148C8BF9-E1B4-445D-AC67-2CABAE63949A}" = Epson Event Manager
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3DF7D356-6225-8717-AFC2-91D5C1521036}" = AMD Media Foundation Decoders
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}" = Microsoft .NET Framework 4.5.2 (CSY)
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{744CD274-6303-4F1C-9423-DA709E6AFBB6}" = Základní software zařízení HP Officejet Pro 8100
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F644A4B-C9A7-E419-BFD9-75DFA0EE57DB}" = AMD Accelerated Video Transcoding
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D5B19AA-3D3A-5870-C9A0-346EBC5DB21E}" = ccc-utility
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{956F2B16-DE59-482E-A248-98F63657080B}" = Adobe Photoshop Lightroom 5.7.1
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.11) - Czech
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{AF312B06-5C5C-468E-89B3-BE6DE2645722}" = Cisco LEAP Module
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{B448BC74-1CB7-7A57-3313-5E075AFB413E}" = AMD Catalyst Install Manager
"{B4A3C072-87AF-4937-880D-3D7997111C0D}" = Document Capture Pro
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DBA18992-B9F3-950D-E973-6ED23422EA73}" = AMD Drag and Drop Transcoding
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = Catalyst Pro Control Center
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F7635BFA-96BB-426D-91ED-1DB0E09585A9}" = HP Officejet Pro 8100 Nápověda
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"AC3Filter_is1" = AC3Filter 2.0a
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Avast" = Avast Internet Security
"CCleaner" = CCleaner
"CZ Lokalizace pro Lightroom 5.x_is1" = C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\LRcestina_uninstall.exe
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Perfection V370 Photo Useg" = Epson Uživatelská příručka EPSON Perfection V370 Photo
"EPSON Scanner" = EPSON Scan
"FastStone Image Viewer" = FastStone Image Viewer 5.3
"GOM Player" = GOM Player
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Mozilla Firefox 38.0.1 (x86 cs)" = Mozilla Firefox 38.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"rajce.net_is1" = Rajče průvodce verze 1.59.54.269
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.11 (32-bit)
"ZonerPhotoStudio17_CZ_is1" = Zoner Photo Studio 17

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-808673984-1327769900-1736563967-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.4.2015 0:03:35 | Computer Name = PC-T | Source = ESENT | ID = 439
Description = Windows (3932) Windows: Pro soubor C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
nelze zapsat stínové záhlaví. Chyba -1032

Error - 29.4.2015 0:06:00 | Computer Name = PC-T | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 29.4.2015 0:10:54 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = Služba TMachInfo nebyla nalezena v počítači ..

Error - 29.4.2015 0:10:54 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service

Error - 29.4.2015 0:11:58 | Computer Name = PC-T | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\common files\adobe
air\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\program files\common files\adobe air\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 29.4.2015 12:02:50 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = Služba TMachInfo nebyla nalezena v počítači ..

Error - 29.4.2015 12:02:50 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service

Error - 29.4.2015 13:08:09 | Computer Name = PC-T | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 30.4.2015 11:39:53 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = Služba TMachInfo nebyla nalezena v počítači ..

Error - 30.4.2015 11:39:53 | Computer Name = PC-T | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service

[ System Events ]
Error - 15.4.2015 16:11:48 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 15.4.2015 16:11:49 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR4.

Error - 16.4.2015 13:26:43 | Computer Name = PC-T | Source = BROWSER | ID = 8032
Description =

Error - 17.4.2015 14:50:54 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 17.4.2015 14:50:55 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 17.4.2015 14:50:55 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 17.4.2015 14:50:56 | Computer Name = PC-T | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.4.2015 15:08:29 | Computer Name = PC-T | Source = BROWSER | ID = 8032
Description =

Error - 19.4.2015 2:56:47 | Computer Name = PC-T | Source = DCOM | ID = 10010
Description =

Error - 19.4.2015 14:18:59 | Computer Name = PC-T | Source = BROWSER | ID = 8032
Description =

< End of report >

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-808673984-1327769900-1736563967-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.isUS: false
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[2015.05.17 11:44:13 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Tak, vše provedeno a tohle mě to vyhodilo:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41044 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: PC
->Temp folder emptied: 13304963 bytes
->Temporary Internet Files folder emptied: 142742 bytes
->Java cache emptied: 48335 bytes
->FireFox cache emptied: 110650656 bytes
->Flash cache emptied: 41815 bytes

User: Public

%systemdrive% .tmp files removed: 3066969 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 121,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: PC
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-808673984-1327769900-1736563967-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: false removed from browser.search.isUS
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\*.tmp not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBB26.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD307.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEF5D.tmp folder deleted successfully.
C:\Windows\Installer\MSIC033.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 05172015_165007

Files\Folders moved on Reboot...
File\Folder C:\Users\PC\AppData\Local\Temp\etilqs_cQX47ulgHEcag3V not found!
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Znovu spustte OTL jako spravce a kliknete na napis Vycisti, program po sobe uklidi.

Ani v tomto logu neni videt zadna skodna, takze pokud neni s pc zadny problem, myslim, ze dalsi kroky nejsou potreba

Dobře tedy sem o moc klidnější (i když hokej mě rozhodil více

) děkuju moc za váš čas a rady a fajn zbytek večera přeju

No jo no, kdo neda gol, nemuze vyhrat

Ale abych to nejak moc prozival, z toho uz jsem vyrostl

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku

Re: Prosím o preventivku notebooku