VIRY.CZ

Zdravím viry.cz ,
nějak se mi extremně zpomalil notebook,a začal zasekávat při vypinání se stále vypinají programi na pozadí, žádné , ale nejsou zaplé
log s RITS

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL hodil chybu, seknul se a stojí

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem
Nedavejte log do Code, blbe se to cte

OTL.TXT
OTL logfile created on: 17.7.2013 10:03:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vita\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,30 Mb Total Physical Memory | 90,11 Mb Available Physical Memory | 8,87% Memory free
1,99 Gb Paging File | 0,79 Gb Available in Paging File | 39,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 114,49 Gb Free Space | 76,87% Space Free | Partition Type: NTFS

Computer Name: VITA-PC | User Name: Vita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.17 09:03:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vita\Downloads\OTL.exe
PRC - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.12.03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2007.02.06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE


========== Modules (No Company Name) ==========

MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 20:49:43 | 013,599,184 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2011.05.28 23:04:58 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV - [2013.06.12 14:18:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.09.20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.03 22:49:31 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.12.03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.02.06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (.dfsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (.csc)
DRV - [2013.06.04 09:15:02 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2013.06.04 09:15:02 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.06.04 09:15:02 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.01.20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.25 01:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2010.01.26 18:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.08.20 07:15:30 | 000,306,688 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\averhbtv.sys -- (AVerHybrid)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009.04.29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008.12.18 11:13:18 | 000,025,680 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2008.01.10 03:34:57 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\..\SearchScopes\{6B0D7567-5E77-4E45-A789-045A3C92E886}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1750559
IE - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: fe_7.0@nokia.com:1.7.110.333
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.search.defaulturl: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vita\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vita\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.11.05 00:11:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.03 23:30:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.11.05 00:11:47 | 000,000,000 | ---D | M]

[2011.11.03 23:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vita\AppData\Roaming\Mozilla\Extensions
[2013.07.17 00:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vita\AppData\Roaming\Mozilla\Firefox\Profiles\cy824kgu.default\extensions
[2012.05.13 17:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\NOKIA\NOKIA SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION_7.0
[2011.09.29 09:09:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 03:30:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.29 03:30:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.29 03:30:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.29 03:30:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.29 03:30:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vita\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vita\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

Hosts file not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2342436354-1182876315-656592175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69043260-8668-4157-82DF-B84672F6CA28}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD18E8E7-84C2-4192-81F6-54D154B40C4F}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14ada627-b345-11e2-878c-00248166cfd3}\Shell - "" = AutoRun
O33 - MountPoints2\{14ada627-b345-11e2-878c-00248166cfd3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b96a5431-3b17-11e2-8625-00248166cfd3}\Shell - "" = AutoRun
O33 - MountPoints2\{b96a5431-3b17-11e2-8625-00248166cfd3}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{da2e09a9-d9ba-11e1-9f36-00248166cfd3}\Shell - "" = AutoRun
O33 - MountPoints2\{da2e09a9-d9ba-11e1-9f36-00248166cfd3}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.17 00:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.17 00:53:52 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.11 10:51:46 | 000,000,000 | ---D | C] -- C:\Users\Vita\Desktop\Oprávění plyn
[2013.07.11 08:47:04 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.07.11 08:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.07.11 08:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.07.01 21:11:53 | 000,000,000 | ---D | C] -- C:\Users\Vita\Desktop\1.7.2013
[2013.07.01 08:31:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.06.23 20:01:31 | 000,015,304 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwh.sys
[2013.06.23 19:27:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.06.23 19:27:01 | 000,000,000 | ---D | C] -- C:\Users\Vita\AppData\Local\Samsung
[2013.06.23 19:26:56 | 000,000,000 | ---D | C] -- C:\Users\Vita\AppData\Roaming\Samsung
[2013.06.23 19:26:29 | 000,000,000 | ---D | C] -- C:\Users\Vita\Documents\samsung
[2013.06.23 19:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.06.23 19:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
[2013.06.23 19:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.06.23 19:18:52 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2013.06.23 19:18:08 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2013.06.23 19:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.06.23 19:01:37 | 069,438,144 | ---- | C] (Samsung Electronics Co., Ltd. ) -- C:\Users\Vita\Desktop\KiesSetup.exe

========== Files - Modified Within 30 Days ==========

[2013.07.17 10:05:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.17 09:49:22 | 000,283,991 | ---- | M] () -- C:\Users\Vita\Desktop\nejde.jpeg
[2013.07.17 09:46:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001UA.job
[2013.07.17 09:40:37 | 000,283,991 | ---- | M] () -- C:\Users\Vita\Desktop\nejde.dib
[2013.07.17 09:22:39 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000UA.job
[2013.07.17 09:17:29 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.17 09:05:13 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.17 09:05:13 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.17 09:00:13 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.07.17 08:59:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.17 08:59:28 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.17 00:41:51 | 000,409,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.17 00:37:46 | 000,662,345 | ---- | M] () -- C:\Users\Vita\Desktop\adwcleaner.exe
[2013.07.16 22:26:12 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000Core.job
[2013.07.14 11:48:25 | 000,634,570 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.07.14 11:48:25 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.14 11:48:25 | 000,123,128 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.07.14 11:48:25 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.13 07:46:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001Core.job
[2013.07.11 21:55:11 | 000,034,565 | ---- | M] () -- C:\Users\Vita\Documents\Zakázka.rtf
[2013.07.11 15:06:44 | 000,009,346 | ---- | M] () -- C:\Users\Vita\Documents\Faktura.rtf
[2013.07.11 08:47:28 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013.07.11 08:47:28 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013.07.11 08:47:28 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013.07.11 08:47:05 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.07.08 22:09:04 | 000,004,094 | ---- | M] () -- C:\Users\Vita\Documents\Pokladní doklad.rtf
[2013.06.23 19:26:07 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.06.23 19:26:07 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.06.23 19:03:30 | 069,438,144 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Vita\Desktop\KiesSetup.exe

========== Files Created - No Company Name ==========

[2013.07.17 09:49:22 | 000,283,991 | ---- | C] () -- C:\Users\Vita\Desktop\nejde.jpeg
[2013.07.17 09:40:36 | 000,283,991 | ---- | C] () -- C:\Users\Vita\Desktop\nejde.dib
[2013.07.17 09:10:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.17 00:41:34 | 000,409,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.17 00:37:30 | 000,662,345 | ---- | C] () -- C:\Users\Vita\Desktop\adwcleaner.exe
[2013.07.11 08:47:28 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013.07.11 08:47:28 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013.07.11 08:47:28 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013.06.23 19:26:07 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.06.23 19:26:07 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.06.11 11:48:54 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.06.11 11:47:56 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll
[2011.11.13 01:31:32 | 000,000,112 | ---- | C] () -- C:\ProgramData\KbrO1B8De.dat
[2011.11.05 00:40:16 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.11.05 00:05:53 | 000,184,334 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011.11.05 00:05:53 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011.11.04 01:39:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.11.04 01:37:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.11.04 00:24:12 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.11.04 00:24:06 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.11.04 00:24:06 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.11.04 00:24:05 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.11.03 23:28:05 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.04.01 14:20:48 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PC Suite
[2012.06.10 11:32:00 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\PC Suite
[2012.11.30 20:05:15 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\APK
[2012.09.14 20:39:47 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\BSplayer
[2012.09.14 19:05:22 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\BSplayer Pro
[2012.07.06 12:18:15 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Nokia
[2012.04.01 11:57:38 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Nokia Suite
[2012.07.09 19:57:33 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\PC Suite
[2013.06.23 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Samsung
[2011.11.18 09:08:01 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\TeamViewer
[2013.05.02 18:35:16 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Telefónica Móviles

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,606 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.11.04 00:20:33 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2011.11.07 08:40:34 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000Core.job
[2011.11.07 08:40:36 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000UA.job
[2012.06.10 11:46:16 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001Core.job
[2012.06.10 11:46:17 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001UA.job
[2013.02.27 16:54:02 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.12.14 23:08:02 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Adobe
[2011.11.04 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Ahead
[2012.11.30 20:05:15 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\APK
[2012.09.14 20:39:47 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\BSplayer
[2012.09.14 19:05:22 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\BSplayer Pro
[2011.11.05 00:16:38 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\HP
[2011.11.03 22:53:53 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\hpqLog
[2011.11.03 22:28:18 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Identities
[2011.11.03 23:50:06 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Macromedia
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Media Center Programs
[2013.02.11 21:22:18 | 000,000,000 | --SD | M] -- C:\Users\Vita\AppData\Roaming\Microsoft
[2011.11.03 23:31:03 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Mozilla
[2012.07.06 12:18:15 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Nokia
[2012.04.01 11:57:38 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Nokia Suite
[2012.07.09 19:57:33 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\PC Suite
[2013.06.23 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Samsung
[2012.05.13 17:01:32 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Skype
[2011.11.18 09:08:01 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\TeamViewer
[2013.05.02 18:35:16 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\Telefónica Móviles
[2013.07.11 14:42:06 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\vlc
[2011.11.18 09:22:23 | 000,000,000 | ---D | M] -- C:\Users\Vita\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011.12.18 22:44:01 | 000,010,134 | R--- | M] () -- C:\Users\Vita\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2013.06.26 21:30:53 | 002,536,768 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\adb-windows.exe
[2013.06.26 21:30:54 | 000,927,704 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\BinaryLoaderMgr.exe
[2013.06.26 21:31:18 | 000,815,072 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\DeviceController32.exe
[2013.06.26 21:31:30 | 000,024,032 | ---- | M] () -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\DeviceController64.exe
[2013.06.26 21:32:01 | 000,990,664 | ---- | M] (Samsung) -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\GT-S5830i.exe
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Vita\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.17 10:17:29 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.17 09:00:13 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2013.07.16 22:26:12 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000Core.job
[2013.07.17 09:22:39 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1000UA.job
[2013.07.13 07:46:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001Core.job
[2013.07.17 09:46:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2342436354-1182876315-656592175-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.17 09:05:13 | 000,020,480 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.17 09:05:13 | 000,020,480 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.17 00:41:51 | 000,409,288 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.07.14 11:48:25 | 000,123,128 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.07.14 11:48:25 | 000,107,256 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.07.14 11:48:25 | 000,634,570 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.07.14 11:48:25 | 000,618,936 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.07.14 11:48:25 | 001,478,586 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2009.02.27 15:39:24 | 000,002,394 | ---- | M] () -- \ProgramData\IMSIDesign\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15\Textury\Natures Gallery Greige Crackle.jpg
[2009.02.27 15:39:24 | 000,002,394 | ---- | M] () -- \Users\All Users\IMSIDesign\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15\Textury\Natures Gallery Greige Crackle.jpg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2006.11.09 23:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.03.01 20:23:20 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.05.21 21:21:18 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.09.20 13:15:26 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.09.20 13:15:26 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2013.05.23 15:13:44 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2013.06.26 21:30:54 | 000,927,704 | ---- | M] () -- \Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\BinaryLoaderMgr.exe
[2013.06.26 21:31:30 | 000,935,384 | ---- | M] () -- \Users\Vita\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\PLUGIN\GT-S5830i\DeviceDownloader.dll
[2013.06.23 19:48:46 | 000,189,952 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\df834c343e35a061038e47b4c90d2a76\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.26 19:52:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.26 19:52:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.26 19:52:20 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011.11.04 02:22:23 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.11.04 02:22:23 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.11.04 02:22:23 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.26 19:50:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2011.11.04 00:20:33 | 001,923,584 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2011.11.04 00:20:33 | 000,000,667 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2013.07.17 09:00:12 | 000,328,123 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
[2013.07.17 00:43:11 | 000,054,822 | ---- | M] () -- \Windows\Prefetch\AUTOKMS.EXE-7CC2D49E.pf
[2013.07.17 09:00:12 | 000,002,896 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
[2013.07.17 09:00:13 | 000,000,266 | ---- | M] () -- \Windows\Tasks\AutoKMS.job

< *activator* /s >

< *serial* /s >
[2013.01.24 21:09:36 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.19 18:46:49 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2007.11.27 16:14:00 | 000,399,872 | ---- | M] () -- \Program Files\Vario11\serialcom.dll
[2009.09.20 11:19:22 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.09.20 11:19:22 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2007.11.27 16:14:00 | 000,399,872 | ---- | M] () -- \Users\Vita\Documents\zal vario\Vario11\serialcom.dll
[2009.07.26 19:51:17 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.19 17:51:41 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.19 17:49:32 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.23 19:26:27 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\518daa915c6d232fa5a3349972cc5199\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.06.23 19:25:49 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll
[2013.06.23 21:59:01 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\2252e5d4dad3601caba4860ae876954b\System.Xml.Serialization.ni.dll
[2011.04.06 17:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Xml.Serialization.dll.x86
[2013.06.23 19:13:27 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.06.23 19:09:31 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.06.23 19:13:27 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.06.23 19:09:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.06.23 19:09:41 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 19:51:08 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.26 19:51:20 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.26 19:48:43 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.26 19:52:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:56:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.26 19:49:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.26 19:50:40 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 21:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 19:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 19:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:51:17 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.26 19:51:24 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 19:51:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.26 19:48:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:51:20 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 04:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB33268$] -> Error: Cannot create file handle -> Unknown point type

< End of report >

Extras.TXT
OTL Extras logfile created on: 17.7.2013 10:03:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vita\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,30 Mb Total Physical Memory | 90,11 Mb Available Physical Memory | 8,87% Memory free
1,99 Gb Paging File | 0,79 Gb Available in Paging File | 39,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 114,49 Gb Free Space | 76,87% Space Free | Partition Type: NTFS

Computer Name: VITA-PC | User Name: Vita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069F873A-EA91-471B-8AA2-1425CB3BF8E0}" = rport=139 | protocol=6 | dir=out | app=system |
"{14033C20-D897-4B59-8382-78F1F7C17E9E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{268EBC38-A80A-41D8-A76F-58542492946F}" = lport=137 | protocol=17 | dir=in | app=system |
"{26C96074-16A7-45C6-AAAD-B8CBA70BA6D5}" = rport=137 | protocol=17 | dir=out | app=system |
"{3DA1384B-0264-4F4A-96A1-D2AF8468778B}" = lport=445 | protocol=6 | dir=in | app=system |
"{6116C916-FD5F-4E6A-90E5-DDC04F18986A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{8BF758D7-36C9-4492-9512-B88799CBAFB5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F6FD01D-6080-4B58-A8CB-C40AC15F00CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B8F682D-038A-4FC1-A301-0CF76477B9E8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9E0A20D8-14CE-44AC-AD58-C0ED221BA9D6}" = rport=445 | protocol=6 | dir=out | app=system |
"{AD5EFCF7-A0F7-4E79-904D-CCAE58B91804}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ADDEE0DC-E812-436C-8B4F-0E8214DCB0BD}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2396EC7-112F-45E8-AA86-65A86D5CE6F0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4AD6111-F1B3-4B63-97A3-8228E764FE0E}" = rport=138 | protocol=17 | dir=out | app=system |
"{EB923635-D54D-441D-8367-1A9CEAC8CE4B}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021EB3FE-7F47-4F82-86C2-078F9066D308}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{15B3E518-28F6-4DC1-987F-AA5F64B479B4}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{19DC937F-C4F7-4648-B430-B6265DE0B0D1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{23A38B3D-93BF-4128-A565-1092E2E846EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{30B305D9-85CD-4406-A4C5-0AA3E9E39FBC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{37E1AF49-DE48-4DEA-B9F3-2CDC070DB465}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{42DD8C8D-7A49-4798-9502-F24D9DDFC6E1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{5583CBB8-21AA-4DBB-BD39-281764B75A08}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{58F0B38E-8EC7-4966-8BEF-C824A4ADDC15}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{6857E723-8BDE-4BDF-9180-002827102AF2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{70B932EB-B0FA-410C-A722-914FDFFAC4EA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{7BB4A2EF-FD39-4352-9D32-4E993F296A51}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7F24B0EA-5A1C-4CBD-B7DB-0FE32D142EB1}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{7FB1FAA4-C40D-4391-9512-8D4E0359861E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{8FEB782D-E399-46D2-ABB9-3EB89F132F6B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A3F44AE5-0BA0-4B89-BE95-CF4D3CBA6473}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{B296113E-163D-4731-944E-1478EFC65758}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B6EC7948-D617-44AD-BC14-C2B863EEFD90}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{B76590C9-A84A-4242-B04F-82FD3DF5C8CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{C7515EC0-539B-4341-A8F3-2F2116464CFF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{CF785BF5-006D-48E5-989F-2E420F932FEC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{D0336801-4E0C-4D43-AAB7-F8BCE5EEBA0C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D3F8B77E-264A-46DC-9E27-C9B1843C7E8C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{E106616F-4812-4BF2-A145-003DDE5666D2}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{EC3CEF81-FD69-4788-A6E2-596E8A1D4DFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{F7F5D211-4945-47DA-A9C9-5040DDB982C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{0376E791-C40D-4634-8EAA-C2F9E74EB02E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{0DF763BA-90F5-4288-9BC0-3399E11A52E1}C:\program files\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"UDP Query User{66D3AD7C-0E5F-4875-AED0-AA7D0BFECFFC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{82AE8427-77CE-4A4F-BCD7-8C0C9384BEE8}C:\program files\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min
"{33cc8e60-d6db-45be-9276-b6698187688a}" = F2100
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7 Ultra Edition
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{901C0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{949815AB-D269-4DD3-AB1A-539432BAFC1E}" = TurboFLOORPLAN Dum & Interiér & Zahrada PRO
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Kitchen Planner
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Altus Vario 12.0" = Altus Vario 12.0
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hi Suite" = Hi Suite
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{949815AB-D269-4DD3-AB1A-539432BAFC1E}" = TurboFLOORPLAN Dum & Interiér & Zahrada PRO
"KitchenDraw_is1" = KitchenDraw 6.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"Nokia Suite" = Nokia Suite
"O2CZ" = O2
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2342436354-1182876315-656592175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.6.2013 14:56:00 | Computer Name = Vita-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 26.6.2013 14:56:09 | Computer Name = Vita-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 26.6.2013 14:56:09 | Computer Name = Vita-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 26.6.2013 14:56:09 | Computer Name = Vita-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 26.6.2013 14:56:09 | Computer Name = Vita-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 3.7.2013 1:54:27 | Computer Name = Vita-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Kies.exe, verze: 1.0.0.1328, časové razítko:
0x519db404 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x326f2e77 ID chybujícího procesu: 0x9ac Čas spuštění
chybující aplikace: 0x01ce77b15b725dc6 Cesta k chybující aplikaci: C:\Program Files\Samsung\Kies\Kies.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 048e8b62-e3a5-11e2-bb93-00248166cfd3

Error - 3.7.2013 1:57:49 | Computer Name = Vita-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Kies.exe, verze: 1.0.0.1328, časové razítko:
0x519db404 Název chybujícího modulu: MACSSDK.dll, verze: 3.2.2009.1028, časové razítko:
0x4ae81513 Kód výjimky: 0xc0000005 Posun chyby: 0x0001d22d ID chybujícího procesu:
0x9ac Čas spuštění chybující aplikace: 0x01ce77b15b725dc6 Cesta k chybující aplikaci:
C:\Program Files\Samsung\Kies\Kies.exe Cesta k chybujícímu modulu: C:\Program Files\Samsung\Kies\External\MACSSDK.dll
ID
zprávy: 7d81c592-e3a5-11e2-bb93-00248166cfd3

Error - 4.7.2013 9:47:11 | Computer Name = Vita-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 4.7.2013 9:47:37 | Computer Name = Vita-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 11.7.2013 9:13:58 | Computer Name = Vita-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16470 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1144 Čas spuštění: 01ce7e385c87572a Čas ukončení: 149 Cesta k aplikaci: C:\Program
Files\Internet Explorer\iexplore.exe ID hlášení:

[ System Events ]
Error - 17.7.2013 3:01:03 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:05 | Computer Name = Vita-PC | Source = Service Control Manager | ID = 7003
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na následující
službě: NetBT. Tato služba pravděpodobně není nainstalována.

Error - 17.7.2013 3:01:05 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:07 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:09 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:09 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:09 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:10 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:10 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 17.7.2013 3:01:29 | Computer Name = Vita-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.


< End of report >

Jen se jeste zeptam, jak je to s legalitou office a taky systemu? Ultimate neni zrovna bezna domci verze


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Notebook mám z druhé ruky, takže nevím...

screen zatím moc děkuji

A tady log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.17.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Vita :: VITA-PC [administrátor]

17.7.2013 13:03:16
MBAM-log-2013-07-17 (14-48-02).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 365911
Uplynulý čas: 1 hodin, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Windows\AutoKMS\AutoKMS.exe (Trojan.AutoKMS) -> Nebyla provedena žádná instrukce.

(konec)

Tak z druhe ruky, jo? A ci ruka to byla?

Tak ja vam napovim. Office je cracknute na 100%, windows na 99%. Jen blazen by daval W7 Ultimate na pocitac s 1GB RAM. Mate stesti, ze na ten windows v logu crack primo nevidim. Patrat po nem radeji nebudu. Nicmene ten office musi pryc, pravidla fora hovori jasne.

Takze jestli to chcete zkontrolovat, odinstalujte office a pak dejte novy log z RSIT.

MBAM taky odinstalujte

Z aviza,:) office odstraněn, po odstranění se mi zacal aktualizovat windows a už to šlape, bude tedy lepší zakoupit win xp? Děkuji moc za vás čas


Odesláno z iPhone.

Pravdepodobne byla v tom cracku na office nejaka havet.

Zkusime to jeste doladit a pak se uvidi.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

omlouvam se ze pisu az tedkom(dovolena) notebook jsem byl vratit puvodnimu majitely, zarucil se ze veskery system v NTB je legalni, dle smlouvy, jak rikate office nebyl originalni,(polozka za 3ooo) byly mi navraceny penize dekuji tedy moc za pomoc!

Ja bych moc neveril ani tomu systemu, jedine ze by to mel taky z druhe ruky, treba z nejake firmy. Kdyz uz totiz nekdo zbytecne zaplati za Ultimate, nebude mu delat problem ani koupeni office. Ale tak mozne je vsechno

Cili tema uzavirame? Nebo budem pokracovat? Z te odpovedi si nejsem jisty, jestli vratil ty 3000 a pc jste si nechal, nebo jste ho vratil komplet

ne ne, vratil mi komplet penize za notebook. Tema tedy uzavreme, dekuji moc za pomoc a odhaleni ze se jednalo o ilegalní soft.