VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka

https://forum.viry.cz:443/viewtopic.php?t=131637

Stránka 1 z 2

Preventivka

Napsal: 22 črc 2013 20:52
od Jarda62
Dobrý večer, mohl bych poprosit o preventivní kontrolu? A dyštak celkové pročištění počítače :)
Před logem sem projel pc Malwarebytes Anti-Malware, MSE a pročistil registry pomocí CCleaneru. Vše v pořádku.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarda at 2013-07-22 21:46:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (5%) free of 477 GB
Total RAM: 8163 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:56, on 22.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5752 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {A84B1A8B-69C0-4776-AFAC-67A969ED99A4}
"taskhost.exe"
C:\Fraps\fraps.exe
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Fraps\fraps64.dat"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Jarda\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-23 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-23 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-03 19604072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-07-10 1672616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-05-31 247296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-07-22 21:46:54 ----D---- C:\rsit
2013-07-22 21:46:54 ----D---- C:\Program Files\trend micro
2013-07-22 21:19:32 ----D---- C:\Users\Jarda\AppData\Roaming\Tunngle
2013-07-22 21:19:32 ----D---- C:\ProgramData\Tunngle
2013-07-22 21:19:30 ----D---- C:\Program Files (x86)\Tunngle
2013-07-22 16:56:27 ----D---- C:\Program Files (x86)\Saints Row The Third
2013-07-20 23:54:49 ----A---- C:\Windows\SYSWOW64\fmodex.dll
2013-07-20 23:54:49 ----A---- C:\Windows\SYSWOW64\fmod_event.dll
2013-07-20 23:51:00 ----D---- C:\Program Files (x86)\Ubisoft
2013-07-12 12:01:08 ----D---- C:\Windows\system32\MRT
2013-07-10 20:19:12 ----D---- C:\ProgramData\WarThunder
2013-07-10 20:19:01 ----D---- C:\Program Files (x86)\War Thunder
2013-07-10 14:45:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 14:45:08 ----A---- C:\Windows\system32\ieui.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\iesetup.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\iernonce.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-10 14:45:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-10 14:45:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\iertutil.dll
2013-07-10 14:45:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-10 14:45:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-10 14:45:06 ----A---- C:\Windows\system32\jscript9.dll
2013-07-10 14:45:06 ----A---- C:\Windows\system32\jscript.dll
2013-07-10 14:45:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-10 14:45:05 ----A---- C:\Windows\system32\urlmon.dll
2013-07-10 14:45:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-10 14:45:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-10 14:45:04 ----A---- C:\Windows\system32\wininet.dll
2013-07-10 14:45:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-10 14:45:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-10 14:45:03 ----A---- C:\Windows\system32\ieframe.dll
2013-07-10 14:45:02 ----A---- C:\Windows\system32\mshtml.dll
2013-07-10 14:45:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 14:38:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 14:38:26 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 14:38:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 14:38:24 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 14:38:20 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 14:38:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-10 14:38:18 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-08 01:18:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-08 01:16:43 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-07-08 01:16:40 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-06 14:23:38 ----D---- C:\ProgramData\Package Cache
2013-07-05 22:54:03 ----D---- C:\Users\Jarda\AppData\Roaming\OBS
2013-07-05 22:54:00 ----D---- C:\Program Files (x86)\OBS
2013-07-04 16:26:47 ----D---- C:\ProgramData\TrackMania
2013-07-03 19:49:08 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-07-03 19:48:58 ----D---- C:\Users\Jarda\AppData\Roaming\.minecraft
2013-06-29 02:27:20 ----D---- C:\Program Files\GIMP 2
2013-06-27 17:58:14 ----D---- C:\Program Files (x86)\Company of Heroes 2
2013-06-25 22:59:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 01:08:56 ----D---- C:\Users\Jarda\AppData\Roaming\Media Player Classic
2013-06-25 01:08:21 ----D---- C:\Program Files\MPC-HC
2013-06-24 23:19:03 ----A---- C:\Windows\system32\drivers\hamachi.sys
2013-06-23 20:11:38 ----A---- C:\Windows\system32\javaws.exe
2013-06-23 20:11:35 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-06-23 20:11:35 ----A---- C:\Windows\system32\javaw.exe
2013-06-23 20:11:35 ----A---- C:\Windows\system32\java.exe
2013-06-23 20:11:29 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2013-07-22 21:46:56 ----D---- C:\Windows\Prefetch
2013-07-22 21:46:54 ----RD---- C:\Program Files
2013-07-22 21:44:38 ----RD---- C:\Program Files (x86)
2013-07-22 21:44:21 ----D---- C:\Windows\temp
2013-07-22 21:43:56 ----D---- C:\Windows\system32\config
2013-07-22 21:42:02 ----D---- C:\Users\Jarda\AppData\Roaming\Skype
2013-07-22 21:41:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 21:41:33 ----SHD---- C:\System Volume Information
2013-07-22 21:40:10 ----D---- C:\Program Files (x86)\Steam
2013-07-22 21:40:03 ----SHD---- C:\Windows\Installer
2013-07-22 21:27:15 ----D---- C:\Windows\System32
2013-07-22 21:27:15 ----D---- C:\Windows\inf
2013-07-22 21:27:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-22 21:22:49 ----D---- C:\Fraps
2013-07-22 21:22:47 ----D---- C:\Windows\system32\Tasks
2013-07-22 21:21:41 ----D---- C:\ProgramData\NVIDIA
2013-07-22 21:19:57 ----D---- C:\Windows\system32\DriverStore
2013-07-22 21:19:57 ----D---- C:\Windows\system32\catroot
2013-07-22 21:19:32 ----RSD---- C:\Windows\Fonts
2013-07-22 21:19:32 ----AD---- C:\ProgramData
2013-07-22 20:45:09 ----D---- C:\Users\Jarda\AppData\Roaming\TS3Client
2013-07-22 17:17:59 ----D---- C:\Program Files (x86)\MSI Afterburner
2013-07-21 01:40:21 ----RD---- C:\DOWNLOAD
2013-07-21 01:15:52 ----D---- C:\Users\Jarda\AppData\Roaming\uTorrent
2013-07-20 23:55:16 ----RSD---- C:\Windows\assembly
2013-07-20 23:54:49 ----D---- C:\Windows\SysWOW64
2013-07-20 23:43:01 ----D---- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2013-07-20 14:05:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-20 01:30:26 ----D---- C:\Program Files (x86)\Origin
2013-07-18 18:48:18 ----D---- C:\Windows
2013-07-18 18:47:26 ----D---- C:\Windows\Logs
2013-07-16 22:13:28 ----D---- C:\Program Files (x86)\Metro Last Light
2013-07-15 02:22:48 ----D---- C:\Windows\Panther
2013-07-15 02:22:48 ----D---- C:\Windows\debug
2013-07-12 15:15:35 ----D---- C:\Windows\Microsoft.NET
2013-07-12 10:22:48 ----D---- C:\Windows\winsxs
2013-07-12 03:25:53 ----D---- C:\Program Files\Windows Journal
2013-07-12 03:25:53 ----D---- C:\Program Files\Windows Defender
2013-07-12 03:25:53 ----D---- C:\Program Files\Internet Explorer
2013-07-12 03:25:53 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 03:25:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 19:18:58 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-07-11 08:07:57 ----HD---- C:\Windows\msdownld.tmp
2013-07-11 08:07:56 ----D---- C:\Windows\SYSWOW64\directx
2013-07-10 15:03:10 ----D---- C:\Program Files\Microsoft Security Client
2013-07-10 15:02:57 ----D---- C:\Windows\system32\drivers
2013-07-10 15:02:55 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-10 14:45:22 ----D---- C:\Windows\system32\catroot2
2013-07-10 14:44:52 ----D---- C:\ProgramData\Microsoft Help
2013-07-08 01:14:42 ----D---- C:\Users\Jarda\AppData\Roaming\vlc
2013-07-08 01:10:33 ----D---- C:\Program Files (x86)\Grand Theft Auto Vice City Stories
2013-07-06 14:22:56 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-07-05 12:30:32 ----D---- C:\Windows\Tasks
2013-07-04 14:44:04 ----D---- C:\Users\Jarda\AppData\Roaming\Mozilla
2013-06-30 22:36:11 ----D---- C:\Program Files\CCleaner
2013-06-27 18:19:13 ----D---- C:\Program Files (x86)\GRID 2
2013-06-25 13:47:11 ----D---- C:\Users\Jarda\AppData\Roaming\NVIDIA
2013-06-24 00:57:12 ----A---- C:\Windows\system32\MRT.exe
2013-06-23 20:11:30 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-06-23 20:11:30 ----A---- C:\Windows\system32\deployJava1.dll
2013-06-23 20:10:44 ----D---- C:\Program Files (x86)\Common Files
2013-06-23 19:53:34 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-23 19:53:34 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-23 18:45:39 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-08 283064]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-13 46400]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 ALSysIO;ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-01-23 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-12-31 34032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2013-06-24 20576]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-09-02 42776]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 monectdevices;Monect Hid Device; C:\Windows\system32\DRIVERS\monectdevices.sys [2013-03-23 10432]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2011-10-27 127488]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2011-10-27 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2011-10-27 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2011-10-27 161280]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-10-27 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-10-27 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-10-27 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-05-22 117080]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-06-24 754584]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S4 MonectServerService;MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-06 76888]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-06-07 4150112]

-----------------EOF-----------------

Re: Preventivka

Napsal: 23 črc 2013 08:13
od Márty84
Zdravim :)

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Re: Preventivka

Napsal: 23 črc 2013 15:44
od Jarda62
Tady je log.

# AdwCleaner v2.306 - Log vytvooen 23/07/2013 v 16:42:45
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jarda - JARDA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jarda\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\ProgramData\APN
Složka Nalezeno : C:\Users\Jarda\AppData\Local\APN

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\Freeze.com
Klíe Nalezeno : HKLM\Software\InstallIQ
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Chromium v window_placement: {
bottom: 1030

Soubor : C:\Users\Jarda\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1585 octets] - [23/07/2013 16:42:45]

########## EOF - C:\AdwCleaner[R1].txt - [1645 octets] ##########

Re: Preventivka

Napsal: 23 črc 2013 16:21
od Márty84
:arrow: Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.

Re: Preventivka

Napsal: 23 črc 2013 19:10
od Jarda62
# AdwCleaner v2.306 - Log vytvooen 23/07/2013 v 20:05:49
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jarda - JARDA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jarda\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\ProgramData\APN
Složka Vymazáno : C:\Users\Jarda\AppData\Local\APN

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\Freeze.com
Klíe Vymazáno : HKLM\Software\InstallIQ
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Chromium v window_placement: {
bottom: 1030

Soubor : C:\Users\Jarda\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1710 octets] - [23/07/2013 16:42:45]
AdwCleaner[R2].txt - [1770 octets] - [23/07/2013 20:05:38]
AdwCleaner[S1].txt - [1703 octets] - [23/07/2013 20:05:49]

########## EOF - C:\AdwCleaner[S1].txt - [1763 octets] ##########

Re: Preventivka

Napsal: 24 črc 2013 12:27
od Márty84
Dejte novy log z RSIT

Re: Preventivka

Napsal: 24 črc 2013 18:28
od Jarda62
Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarda at 2013-07-24 19:27:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (9%) free of 477 GB
Total RAM: 8163 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:38, on 24.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6338 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
taskeng.exe {E5159C12-FDA5-473D-BCCA-5651D242A37B}
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4236.0.32514228\643112222" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20,22 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.1.606514999\1769490217" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.2.2006667288\204091289" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.3.1669454926\1783216215" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.4.1186823374\1440673191" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.5.678170362\37539091" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4236.6.2124144288\1717660265" /prefetch:673131151
"C:\Users\Jarda\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-23 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-23 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875944]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-07-10 1672616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-05-31 247296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-07-24 13:10:40 ----SHD---- C:\Config.Msi
2013-07-23 20:05:49 ----A---- C:\AdwCleaner[S1].txt
2013-07-23 20:05:38 ----A---- C:\AdwCleaner[R2].txt
2013-07-23 16:42:45 ----A---- C:\AdwCleaner[R1].txt
2013-07-22 21:46:54 ----D---- C:\rsit
2013-07-22 21:46:54 ----D---- C:\Program Files\trend micro
2013-07-22 21:19:32 ----D---- C:\Users\Jarda\AppData\Roaming\Tunngle
2013-07-22 21:19:32 ----D---- C:\ProgramData\Tunngle
2013-07-22 21:19:30 ----D---- C:\Program Files (x86)\Tunngle
2013-07-20 23:54:49 ----A---- C:\Windows\SYSWOW64\fmodex.dll
2013-07-20 23:54:49 ----A---- C:\Windows\SYSWOW64\fmod_event.dll
2013-07-20 23:51:00 ----D---- C:\Program Files (x86)\Ubisoft
2013-07-12 12:01:08 ----D---- C:\Windows\system32\MRT
2013-07-10 20:19:12 ----D---- C:\ProgramData\WarThunder
2013-07-10 20:19:01 ----D---- C:\Program Files (x86)\War Thunder
2013-07-10 14:45:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-10 14:45:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 14:45:08 ----A---- C:\Windows\system32\ieui.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\iesetup.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\iernonce.dll
2013-07-10 14:45:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-10 14:45:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-10 14:45:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-10 14:45:07 ----A---- C:\Windows\system32\iertutil.dll
2013-07-10 14:45:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-10 14:45:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-10 14:45:06 ----A---- C:\Windows\system32\jscript9.dll
2013-07-10 14:45:06 ----A---- C:\Windows\system32\jscript.dll
2013-07-10 14:45:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-10 14:45:05 ----A---- C:\Windows\system32\urlmon.dll
2013-07-10 14:45:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-10 14:45:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-10 14:45:04 ----A---- C:\Windows\system32\wininet.dll
2013-07-10 14:45:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-10 14:45:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-10 14:45:03 ----A---- C:\Windows\system32\ieframe.dll
2013-07-10 14:45:02 ----A---- C:\Windows\system32\mshtml.dll
2013-07-10 14:45:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 14:38:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 14:38:26 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 14:38:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 14:38:24 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 14:38:20 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 14:38:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-10 14:38:18 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-08 01:18:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-08 01:16:43 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-07-08 01:16:40 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-06 14:23:38 ----D---- C:\ProgramData\Package Cache
2013-07-05 22:54:03 ----D---- C:\Users\Jarda\AppData\Roaming\OBS
2013-07-05 22:54:00 ----D---- C:\Program Files (x86)\OBS
2013-07-04 16:26:47 ----D---- C:\ProgramData\TrackMania
2013-07-03 19:49:08 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-07-03 19:48:58 ----D---- C:\Users\Jarda\AppData\Roaming\.minecraft
2013-06-29 02:27:20 ----D---- C:\Program Files\GIMP 2
2013-06-27 17:58:14 ----D---- C:\Program Files (x86)\Company of Heroes 2
2013-06-25 22:59:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 01:08:56 ----D---- C:\Users\Jarda\AppData\Roaming\Media Player Classic
2013-06-25 01:08:21 ----D---- C:\Program Files\MPC-HC

======List of files/folders modified in the last 1 months======

2013-07-24 19:27:38 ----D---- C:\Windows\Prefetch
2013-07-24 15:41:09 ----RSD---- C:\Windows\assembly
2013-07-24 15:41:09 ----D---- C:\Windows\Microsoft.NET
2013-07-24 15:02:52 ----D---- C:\Windows\System32
2013-07-24 15:02:52 ----D---- C:\Windows\inf
2013-07-24 15:02:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-24 13:24:36 ----D---- C:\Windows\temp
2013-07-24 13:24:15 ----D---- C:\Windows\system32\config
2013-07-24 13:14:51 ----D---- C:\Program Files (x86)\Steam
2013-07-24 13:14:06 ----SHD---- C:\Windows\Installer
2013-07-24 13:14:05 ----D---- C:\ProgramData\Microsoft Help
2013-07-24 13:09:09 ----SHD---- C:\System Volume Information
2013-07-24 08:31:11 ----D---- C:\Users\Jarda\AppData\Roaming\Skype
2013-07-24 08:24:48 ----D---- C:\Fraps
2013-07-24 08:24:45 ----D---- C:\Windows\system32\Tasks
2013-07-24 08:23:23 ----D---- C:\ProgramData\NVIDIA
2013-07-24 02:26:53 ----D---- C:\Users\Jarda\AppData\Roaming\TS3Client
2013-07-23 20:33:19 ----D---- C:\ProgramData\Skype
2013-07-23 20:33:18 ----RD---- C:\Program Files (x86)\Skype
2013-07-23 20:07:17 ----D---- C:\Windows
2013-07-23 20:05:55 ----AD---- C:\ProgramData
2013-07-23 16:58:21 ----D---- C:\Windows\system32\NDF
2013-07-22 23:11:10 ----RD---- C:\Program Files (x86)
2013-07-22 23:03:26 ----D---- C:\Windows\system32\catroot2
2013-07-22 22:44:12 ----D---- C:\Windows\system32\drivers
2013-07-22 22:41:23 ----D---- C:\Windows\system32\DriverStore
2013-07-22 22:41:23 ----D---- C:\Windows\system32\catroot
2013-07-22 21:46:54 ----RD---- C:\Program Files
2013-07-22 21:41:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 21:19:32 ----RSD---- C:\Windows\Fonts
2013-07-22 17:17:59 ----D---- C:\Program Files (x86)\MSI Afterburner
2013-07-21 01:40:21 ----RD---- C:\DOWNLOAD
2013-07-21 01:15:52 ----D---- C:\Users\Jarda\AppData\Roaming\uTorrent
2013-07-20 23:54:49 ----D---- C:\Windows\SysWOW64
2013-07-20 23:43:01 ----D---- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2013-07-20 14:05:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-20 01:30:26 ----D---- C:\Program Files (x86)\Origin
2013-07-18 18:47:26 ----D---- C:\Windows\Logs
2013-07-16 22:13:28 ----D---- C:\Program Files (x86)\Metro Last Light
2013-07-15 02:22:48 ----D---- C:\Windows\Panther
2013-07-15 02:22:48 ----D---- C:\Windows\debug
2013-07-12 10:22:48 ----D---- C:\Windows\winsxs
2013-07-12 03:25:53 ----D---- C:\Program Files\Windows Journal
2013-07-12 03:25:53 ----D---- C:\Program Files\Windows Defender
2013-07-12 03:25:53 ----D---- C:\Program Files\Internet Explorer
2013-07-12 03:25:53 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 03:25:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-11 19:18:58 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-07-11 08:08:03 ----D---- C:\Windows\SYSWOW64\directx
2013-07-11 08:07:57 ----HD---- C:\Windows\msdownld.tmp
2013-07-10 15:03:10 ----D---- C:\Program Files\Microsoft Security Client
2013-07-10 15:02:55 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-08 01:14:42 ----D---- C:\Users\Jarda\AppData\Roaming\vlc
2013-07-08 01:10:33 ----D---- C:\Program Files (x86)\Grand Theft Auto Vice City Stories
2013-07-06 14:22:56 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-07-05 12:30:32 ----D---- C:\Windows\Tasks
2013-07-04 14:44:04 ----D---- C:\Users\Jarda\AppData\Roaming\Mozilla
2013-06-30 22:36:11 ----D---- C:\Program Files\CCleaner
2013-06-27 18:19:13 ----D---- C:\Program Files (x86)\GRID 2
2013-06-25 13:47:11 ----D---- C:\Users\Jarda\AppData\Roaming\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-08 283064]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-12-19 237992]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-12-19 120232]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-13 46400]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 ALSysIO;ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-01-23 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-12-31 34032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-12-19 146856]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-09-02 42776]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 monectdevices;Monect Hid Device; C:\Windows\system32\DRIVERS\monectdevices.sys [2013-03-23 10432]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2011-10-27 127488]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2011-10-27 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2011-10-27 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2011-10-27 161280]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-10-27 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-10-27 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-10-27 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-05-22 117080]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 50921648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-06-24 754584]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S4 MonectServerService;MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-06 76888]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-06-07 4150112]

-----------------EOF-----------------

Re: Preventivka

Napsal: 25 črc 2013 14:42
od Márty84
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Preventivka

Napsal: 26 črc 2013 13:05
od Jarda62
OTL logfile created on: 26.7.2013 13:34:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jarda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,97 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 69,94% Memory free
15,94 Gb Paging File | 12,94 Gb Available in Paging File | 81,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 28,29 Gb Free Space | 6,08% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.26 13:33:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
PRC - [2013.07.10 03:56:20 | 001,672,616 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.07.03 15:16:46 | 003,673,184 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2013.06.25 22:59:07 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.01.23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012.08.30 15:20:14 | 002,550,968 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 20:49:43 | 013,599,184 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013.07.10 03:56:22 | 001,121,704 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.07.09 23:45:48 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.07.01 18:20:48 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.06.25 22:59:08 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013.06.25 22:59:08 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013.06.25 22:59:08 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013.06.15 01:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 01:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 01:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.04.04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.02.21 01:08:36 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
MOD - [2013.02.21 01:06:46 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
MOD - [2013.01.23 08:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013.01.16 18:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013.01.16 18:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013.01.16 18:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013.01.16 18:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013.01.16 18:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012.11.21 07:26:34 | 000,008,704 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Thunderbird\Profiles\7gyeo3wk.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2011.04.30 21:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.07.06 14:22:56 | 000,076,888 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.06.24 17:07:42 | 000,754,584 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013.06.21 10:13:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.07 14:39:25 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.07.08 01:16:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.23 12:53:16 | 000,010,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\monectdevices.sys -- (monectdevices)
DRV:64bit: - [2012.12.31 00:58:50 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2012.12.19 15:47:20 | 000,132,008 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.09.19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.09.19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.03.13 23:47:20 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012.03.13 23:47:20 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.10.27 03:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011.10.27 03:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2011.10.27 03:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011.10.27 03:25:48 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2011.10.27 03:25:44 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)
DRV:64bit: - [2011.10.27 03:25:44 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2011.10.27 03:25:44 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV:64bit: - [2011.10.27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.10.27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.10.27 03:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.10.27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.09.02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.06.10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.11.18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.01.23 08:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.08 01:18:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.08 01:18:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.25 22:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.25 22:59:05 | 000,000,000 | ---D | M]

[2013.07.04 14:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions
[2013.05.26 01:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\extensions
[2013.07.08 01:18:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.07.08 01:18:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jarda\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Classic Blue Chrome Theme - NonAero = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajoaehknogfmjmhchhifbcbmjfnfncpj\1.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Translator Tooltip Expanded = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbghbkiieahfdkdnljbcneheldkghgoi\1.8_0\
CHR - Extension: AdBlock = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Youtube Center Aligned = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbbgkbcaacbldeocjpalpogghebdhpfg\2.8.7_0\
CHR - Extension: Twitch Now = C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk\1.1.36_0\

O1 HOSTS File: ([2012.11.05 23:40:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51B7B1EB-D3C3-4B1D-8C79-C6D0875E712F}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6F61FF5-C0CC-4EFC-AC78-42F9D7AE4138}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.26 13:33:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2013.07.26 00:45:31 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\ts3overlay
[2013.07.25 08:07:13 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\Wargaming.net
[2013.07.24 23:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2013.07.24 23:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Tanks
[2013.07.24 13:10:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.22 23:08:17 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\ElevatedDiagnostics
[2013.07.22 21:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.22 21:46:54 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.22 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\Tunngle
[2013.07.22 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\Tunngle
[2013.07.22 21:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2013.07.22 21:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2013.07.22 21:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2013.07.21 17:52:33 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\Introversion
[2013.07.21 01:05:10 | 000,000,000 | R--D | C] -- C:\Users\Jarda\Documents\Ubisoft
[2013.07.20 23:54:49 | 000,804,384 | ---- | C] (Firelight Technologies) -- C:\Windows\SysWow64\fmodex.dll
[2013.07.20 23:54:49 | 000,312,864 | ---- | C] (Firelight Technologies) -- C:\Windows\SysWow64\fmod_event.dll
[2013.07.20 23:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.07.18 18:49:07 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\Shiner
[2013.07.18 18:49:05 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\Robot Entertainment
[2013.07.18 18:49:05 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\Robot Entertainment
[2013.07.14 21:08:10 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\Anomaly Warzone Earth
[2013.07.12 12:01:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.10 20:19:12 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\WarThunder
[2013.07.10 20:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013.07.10 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
[2013.07.10 20:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War Thunder
[2013.07.10 14:45:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.10 14:45:08 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.10 14:45:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.10 14:45:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.10 14:45:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.10 14:45:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.10 14:45:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.10 14:45:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.10 14:45:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.10 14:45:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.10 14:45:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.10 14:45:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.10 14:45:06 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.10 14:45:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.10 14:45:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.10 14:38:26 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 14:38:26 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.10 14:38:24 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.10 14:38:24 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 14:38:19 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.08 01:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.08 01:16:43 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.07.08 01:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.07.07 18:07:36 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\Gimp
[2013.07.06 14:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.07.05 22:54:03 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\OBS
[2013.07.05 22:54:02 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2013.07.05 22:54:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2013.07.04 19:55:08 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\gtk-2.0
[2013.07.04 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\webkit
[2013.07.04 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Jarda\.thumbnails
[2013.07.04 16:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2013.07.04 16:26:44 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\TrackMania
[2013.07.03 19:49:08 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013.07.03 19:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
[2013.07.03 19:48:58 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\.minecraft
[2013.06.29 02:28:45 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\gegl-0.2
[2013.06.29 02:28:45 | 000,000,000 | ---D | C] -- C:\Users\Jarda\.gimp-2.8
[2013.06.29 02:27:20 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.06.28 00:52:21 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\ESN Sonar
[2013.06.27 18:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Company of Heroes 2
[2013.06.27 17:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Company of Heroes 2
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.26 13:36:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.26 13:36:10 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.26 13:36:10 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.26 13:34:21 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.26 13:34:21 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.26 13:34:21 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.26 13:34:21 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.26 13:34:21 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.26 13:33:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2013.07.26 13:28:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.26 13:28:41 | 2124,959,743 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.24 23:18:17 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.07.23 16:41:21 | 000,666,633 | ---- | M] () -- C:\Users\Jarda\Desktop\adwcleaner.exe
[2013.07.22 23:19:39 | 000,010,322 | ---- | M] () -- C:\Users\Jarda\AppData\Local\recently-used.xbel
[2013.07.22 21:21:38 | 004,965,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.22 21:19:32 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2013.07.22 18:18:51 | 000,054,530 | ---- | M] () -- C:\Users\Jarda\Desktop\27746_1141935325785_5825248_n.jpg
[2013.07.22 18:17:50 | 000,048,090 | ---- | M] () -- C:\Users\Jarda\Desktop\aA9CbGL.jpg
[2013.07.21 01:16:37 | 000,000,863 | ---- | M] () -- C:\Users\Jarda\Desktop\Prison Architect.lnk
[2013.07.21 01:15:23 | 000,001,991 | ---- | M] () -- C:\Users\Jarda\Desktop\Trials Evolution Gold Edition.lnk
[2013.07.20 14:05:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.20 14:05:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.18 19:34:20 | 000,000,222 | ---- | M] () -- C:\Users\Jarda\Desktop\Ace of Spades.url
[2013.07.18 17:32:35 | 000,000,222 | ---- | M] () -- C:\Users\Jarda\Desktop\Orcs Must Die! 2.url
[2013.07.15 14:02:28 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job
[2013.07.15 14:02:28 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
[2013.07.14 23:53:16 | 000,000,219 | ---- | M] () -- C:\Users\Jarda\Desktop\Portal 2.url
[2013.07.11 20:55:45 | 000,000,219 | ---- | M] () -- C:\Users\Jarda\Desktop\Counter-Strike Global Offensive.url
[2013.07.11 19:18:58 | 000,290,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.07.11 19:18:58 | 000,290,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.11 19:17:03 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.07.10 20:19:03 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\War Thunder.lnk
[2013.07.10 15:03:41 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.07.08 16:45:51 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.07.08 01:16:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.07.06 14:22:56 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.07.06 00:49:52 | 000,000,222 | ---- | M] () -- C:\Users\Jarda\Desktop\APB Reloaded.url
[2013.07.05 22:54:02 | 000,000,939 | ---- | M] () -- C:\Users\Jarda\Desktop\Open Broadcaster Software.lnk
[2013.07.05 22:45:52 | 000,000,028 | ---- | M] () -- C:\ProgramData\droidcam-settings
[2013.07.04 16:13:44 | 000,000,221 | ---- | M] () -- C:\Users\Jarda\Desktop\TrackMania Nations Forever.url
[2013.07.03 20:05:04 | 000,001,743 | ---- | M] () -- C:\Users\Jarda\Desktop\Minecraft.lnk
[2013.07.01 03:32:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2013.06.29 02:22:56 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2013.06.28 00:49:30 | 000,001,746 | ---- | M] () -- C:\Users\Jarda\Desktop\MPC-HC.lnk
[2013.06.27 18:18:12 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Company of Heroes 2.lnk
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.26 13:36:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.24 23:18:17 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.07.23 16:42:28 | 000,666,633 | ---- | C] () -- C:\Users\Jarda\Desktop\adwcleaner.exe
[2013.07.22 23:19:39 | 000,010,322 | ---- | C] () -- C:\Users\Jarda\AppData\Local\recently-used.xbel
[2013.07.22 21:19:32 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2013.07.22 18:24:52 | 000,054,530 | ---- | C] () -- C:\Users\Jarda\Desktop\27746_1141935325785_5825248_n.jpg
[2013.07.22 18:17:50 | 000,048,090 | ---- | C] () -- C:\Users\Jarda\Desktop\aA9CbGL.jpg
[2013.07.21 01:16:37 | 000,000,863 | ---- | C] () -- C:\Users\Jarda\Desktop\Prison Architect.lnk
[2013.07.21 01:15:23 | 000,001,991 | ---- | C] () -- C:\Users\Jarda\Desktop\Trials Evolution Gold Edition.lnk
[2013.07.18 19:34:20 | 000,000,222 | ---- | C] () -- C:\Users\Jarda\Desktop\Ace of Spades.url
[2013.07.18 17:32:35 | 000,000,222 | ---- | C] () -- C:\Users\Jarda\Desktop\Orcs Must Die! 2.url
[2013.07.15 14:01:54 | 004,965,296 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.14 23:53:16 | 000,000,219 | ---- | C] () -- C:\Users\Jarda\Desktop\Portal 2.url
[2013.07.11 20:55:45 | 000,000,219 | ---- | C] () -- C:\Users\Jarda\Desktop\Counter-Strike Global Offensive.url
[2013.07.10 20:19:03 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\War Thunder.lnk
[2013.07.06 00:49:52 | 000,000,222 | ---- | C] () -- C:\Users\Jarda\Desktop\APB Reloaded.url
[2013.07.05 22:54:02 | 000,000,939 | ---- | C] () -- C:\Users\Jarda\Desktop\Open Broadcaster Software.lnk
[2013.07.04 16:13:44 | 000,000,221 | ---- | C] () -- C:\Users\Jarda\Desktop\TrackMania Nations Forever.url
[2013.07.03 20:05:04 | 000,001,743 | ---- | C] () -- C:\Users\Jarda\Desktop\Minecraft.lnk
[2013.06.29 02:28:00 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.06.29 02:22:56 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013.06.27 18:18:12 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Company of Heroes 2.lnk
[2013.06.25 13:18:14 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2013.06.12 22:18:21 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2013.06.09 01:07:45 | 000,000,528 | ---- | C] () -- C:\Windows\eReg.dat
[2013.04.13 11:08:43 | 000,290,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.13 11:08:42 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.02.25 22:40:00 | 000,000,028 | ---- | C] () -- C:\ProgramData\droidcam-settings
[2013.02.17 15:04:40 | 001,065,984 | ---- | C] () -- C:\Users\Jarda\AppData\Local\file__0.localstorage
[2013.02.02 22:15:13 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2012.12.18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.08.23 16:27:44 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\GkSui18.EXE
[2012.08.05 15:27:47 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.07.13 01:56:21 | 000,000,004 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\steam_md5.dat
[2012.07.07 11:26:44 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.23 18:05:26 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ngoyvsdf.dat
[2012.04.12 18:37:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.12.21 15:19:41 | 001,555,696 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.16 16:25:09 | 000,007,597 | ---- | C] () -- C:\Users\Jarda\AppData\Local\Resmon.ResmonCfg
[2011.12.10 21:20:07 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.12.10 14:32:02 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.07.21 01:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\.minecraft
[2013.07.20 23:43:01 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
[2011.12.09 19:04:16 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Leadertech
[2013.07.05 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\OBS
[2013.03.04 00:19:19 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Oracle SQL Developer Data Modeler
[2013.06.04 01:27:12 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Origin
[2013.06.12 22:18:21 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\PACE Anti-Piracy
[2012.12.31 15:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\QIP
[2013.03.04 00:19:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Subversion
[2013.05.12 15:44:57 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\TeamViewer
[2012.11.23 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Theta
[2012.10.27 16:09:24 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Thunderbird
[2013.07.26 02:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\TS3Client
[2013.07.26 00:45:33 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ts3overlay
[2013.07.22 21:25:23 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Tunngle
[2013.03.19 00:55:14 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Unity
[2013.07.21 01:15:52 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\uTorrent
[2012.03.01 20:35:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\VitySoft
[2013.07.25 08:07:13 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Wargaming.net
[2013.04.25 19:13:19 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.21 23:31:09 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
[2013.02.21 23:31:09 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job
[2013.03.20 23:30:40 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
[2013.03.20 23:30:41 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\SysNative\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

Re: Preventivka

Napsal: 26 črc 2013 13:05
od Jarda62
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\erdnt\cache64\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\erdnt\cache64\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\erdnt\cache64\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\erdnt\cache86\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\erdnt\cache86\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\erdnt\cache64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\erdnt\cache64\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\erdnt\cache86\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[6 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.07.21 01:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\.minecraft
[2013.06.15 02:32:40 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Adobe
[2013.07.20 23:43:01 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
[2011.12.09 05:34:45 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Identities
[2012.04.14 20:20:26 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\InstallShield
[2011.12.09 19:04:16 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Leadertech
[2011.12.09 00:57:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Macromedia
[2011.12.21 00:31:49 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Media Center Programs
[2013.06.30 22:59:21 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Media Player Classic
[2013.02.01 00:59:17 | 000,000,000 | --SD | M] -- C:\Users\Jarda\AppData\Roaming\Microsoft
[2013.07.04 14:44:04 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Mozilla
[2013.06.25 13:47:11 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\NVIDIA
[2013.07.05 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\OBS
[2013.03.04 00:19:19 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Oracle SQL Developer Data Modeler
[2013.06.04 01:27:12 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Origin
[2013.06.12 22:18:21 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\PACE Anti-Piracy
[2012.12.31 15:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\QIP
[2011.12.08 23:36:12 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\SecuROM
[2013.07.26 13:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Skype
[2013.03.04 00:19:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Subversion
[2013.05.12 15:44:57 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\TeamViewer
[2012.11.23 22:47:35 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Theta
[2012.10.27 16:09:24 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Thunderbird
[2013.07.26 02:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\TS3Client
[2013.07.26 00:45:33 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ts3overlay
[2013.07.22 21:25:23 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Tunngle
[2011.12.20 21:08:38 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\U3
[2013.03.19 00:55:14 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Unity
[2013.07.21 01:15:52 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\uTorrent
[2012.03.01 20:35:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\VitySoft
[2013.07.08 01:14:42 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\vlc
[2013.07.25 08:07:13 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Wargaming.net
[2013.04.25 19:13:19 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Windows Live Writer
[2011.12.08 23:35:31 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.07.11 16:09:59 | 000,350,720 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\.minecraft\Minecraft.exe
[2013.04.25 23:25:42 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jarda\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.02.22 21:30:17 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Jarda\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.01.14 18:35:39 | 000,010,134 | R--- | M] () -- C:\Users\Jarda\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.07.15 16:01:44 | 000,119,296 | ---- | M] (obsproject.com) -- C:\Users\Jarda\AppData\Roaming\OBS\updates\updater.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Jarda\AppData\Roaming\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.06.21 10:18:40 | 019,875,944 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.07.03 15:16:46 | 003,673,184 | ---- | M] (Disc Soft Ltd)
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013.07.10 03:56:20 | 001,672,616 | ---- | M] (Valve Corporation)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.26 13:36:17 | 000,000,512 | ---- | M] () MD5=19D086C89CCAA0E7D72CFF69C4DB74F0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.02.15 12:51:58 | 000,000,149 | R--- | M] () -- \Program Files (x86)\Electronic Arts\SHIFT 2 UNLEASHED\GUI\glass_cracks.bspr
[2012.07.22 00:12:31 | 000,005,369 | ---- | M] () -- \Program Files (x86)\FreeRapid-0.92u2\plugins\crackle.frp
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Grand Theft Auto Vice City Stories\data\Decision\Craig\crack1.ped
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA SA\data\Decision\Craig\crack1.ped
[2013.07.18 19:46:04 | 000,267,862 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\high\sandycrack_sky_00.png
[2013.07.18 19:46:58 | 000,253,761 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\high\sandycrack_sky_01.png
[2013.07.18 19:46:44 | 000,248,285 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\high\sandycrack_sky_02.png
[2013.07.18 19:46:52 | 000,246,366 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\high\sandycrack_sky_03.png
[2013.07.18 19:47:00 | 000,246,106 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\high\sandycrack_sky_04.png
[2013.07.18 19:46:13 | 000,022,359 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\low\sandycrack_sky_00.png
[2013.07.18 19:46:13 | 000,020,738 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\low\sandycrack_sky_01.png
[2013.07.18 19:46:52 | 000,020,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\low\sandycrack_sky_02.png
[2013.07.18 19:46:54 | 000,019,509 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\low\sandycrack_sky_03.png
[2013.07.18 19:46:14 | 000,019,312 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\low\sandycrack_sky_04.png
[2013.07.18 19:46:42 | 000,075,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\med\sandycrack_sky_00.png
[2013.07.18 19:46:29 | 000,069,757 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\med\sandycrack_sky_01.png
[2013.07.18 19:47:22 | 000,069,450 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\med\sandycrack_sky_02.png
[2013.07.18 19:46:42 | 000,067,255 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\med\sandycrack_sky_03.png
[2013.07.18 19:47:29 | 000,067,053 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\png\med\sandycrack_sky_04.png
[2013.07.06 04:36:38 | 000,599,242 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\APB Reloaded\APBGame\Content\Release\Packages\SymbolEditor\Primitives_SplatsCracks.upk
[2013.06.24 21:20:50 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2013.06.03 13:00:44 | 000,001,857 | ---- | M] () -- \Users\Jarda\AppData\Local\Rockstar Games\GTA IV\User Music\Freestylers Cracks (Ft Belle Humble) (Flux Pavilion Remix).mp3 – zástupce.lnk
[2013.03.04 23:15:34 | 000,005,369 | ---- | M] () -- \Users\Jarda\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2009.05.24 15:52:22 | 006,525,265 | ---- | M] () -- \Users\Jarda\Desktop\Muzika\Eminem\Relapse\18-Crack A Bottle (Feat. Dr. Dre & 50 Cent.mp3
[2013.03.20 23:32:20 | 005,135,447 | ---- | M] () -- \Users\Jarda\Desktop\Muzika\UKF Dubstep\Freestylers Cracks (Ft Belle Humble) (Flux Pavilion Remix).mp3
[2012.09.03 14:32:36 | 012,850,968 | ---- | M] () -- \Users\Jarda\Desktop\Muzika\Vital Electronic\Magnifikate Nude Crackers [Electro House].mp3
[2013.05.05 21:00:28 | 000,001,698 | ---- | M] () -- \Users\Jarda\Documents\GTA San Andreas User Files\User Tracks\Freestylers Cracks (Ft Belle Humble) (Flux Pavilion Remix).mp3 – zástupce.lnk

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.03.11 23:33:29 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.10.24 05:22:54 | 000,468,131 | ---- | M] () -- \Program Files (x86)\datamodeler\modules\oracle.classloader_11.1.1.jar
[2013.02.15 10:43:04 | 000,154,624 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\NTPhysX_Loader_x86_r.dll
[2013.02.15 10:58:10 | 000,058,368 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\NTPhysX_Loader_x86_s.dll
[2013.02.15 10:57:58 | 000,064,280 | ---- | M] () -- \Program Files (x86)\DMC Devi May Cry\Binaries\Win32\PhysXLoader.dll
[2012.05.16 05:52:43 | 000,096,256 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\NexusBC2loader.exe
[2010.02.10 03:38:44 | 003,473,163 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_001\loader-00.fbrb
[2010.02.10 03:38:44 | 003,417,011 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_001sr\loader-00.fbrb
[2010.02.10 03:38:44 | 005,299,907 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_002\loader-00.fbrb
[2010.02.10 03:38:46 | 005,283,781 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_002sr\loader-00.fbrb
[2010.02.10 03:38:46 | 006,458,338 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_003\loader-00.fbrb
[2010.02.10 03:38:48 | 005,719,429 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_004\loader-00.fbrb
[2010.02.10 03:38:48 | 005,681,043 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_004sdm\loader-00.fbrb
[2010.02.10 03:38:48 | 005,975,692 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_005\loader-00.fbrb
[2010.02.10 03:38:50 | 005,952,738 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_005sr\loader-00.fbrb
[2010.02.10 03:38:50 | 003,625,529 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006\loader-00.fbrb
[2010.02.10 03:38:50 | 003,618,790 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006cq\loader-00.fbrb
[2010.02.10 03:38:50 | 003,609,949 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006sdm\loader-00.fbrb
[2010.02.10 03:38:52 | 005,127,190 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_007\loader-00.fbrb
[2010.02.10 03:38:52 | 005,117,095 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_007sdm\loader-00.fbrb
[2010.02.10 03:38:52 | 003,702,695 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_008\loader-00.fbrb
[2010.02.10 03:38:52 | 003,568,288 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009cq\loader-00.fbrb
[2010.02.10 03:38:54 | 003,565,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009gr\loader-00.fbrb
[2010.02.10 03:38:54 | 003,544,807 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009sdm\loader-00.fbrb
[2010.02.10 03:38:54 | 006,516,783 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_012gr\loader-00.fbrb
[2010.02.10 03:38:56 | 006,556,315 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_012sr\loader-00.fbrb
[2010.02.10 03:38:44 | 007,748,201 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_common\loader-00.fbrb
[2010.02.10 03:47:40 | 004,575,342 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_003_B\loader-00.fbrb
[2010.02.10 03:47:42 | 005,437,555 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_004_B\loader-00.fbrb
[2010.02.10 03:47:42 | 005,555,302 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_005\loader-00.fbrb
[2010.02.10 03:47:44 | 006,135,296 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_005_B\loader-00.fbrb
[2010.02.10 03:47:44 | 005,228,984 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_006\loader-00.fbrb
[2010.02.10 03:47:44 | 006,938,136 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_007\loader-00.fbrb
[2010.02.10 03:47:46 | 005,814,240 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_008\loader-00.fbrb
[2010.02.10 03:47:46 | 005,800,297 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_008_B\loader-00.fbrb
[2010.02.10 03:47:48 | 006,397,231 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_009\loader-00.fbrb
[2010.02.10 03:47:38 | 002,006,427 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_01\loader-00.fbrb
[2010.02.10 03:47:40 | 004,760,479 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_02\loader-00.fbrb
[2010.02.10 03:47:40 | 006,542,963 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_03\loader-00.fbrb
[2010.02.10 03:47:42 | 005,840,761 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_04\loader-00.fbrb
[2010.02.10 03:47:38 | 001,271,669 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_common\loader-00.fbrb
[2012.05.22 15:43:38 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_cq\loader-00.fbrb
[2012.05.22 15:43:40 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_gr\loader-00.fbrb
[2012.05.22 15:43:44 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_sdm\loader-00.fbrb
[2012.05.22 15:43:48 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_sr\loader-00.fbrb
[2012.05.22 15:43:51 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_cq\loader-00.fbrb
[2012.05.22 15:43:54 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_gr\loader-00.fbrb
[2012.05.22 15:43:57 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_sdm\loader-00.fbrb
[2012.05.22 15:44:00 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_sr\loader-00.fbrb
[2012.05.22 15:44:29 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001\loader-00.fbrb
[2012.05.22 15:44:34 | 007,538,086 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001sdm\loader-00.fbrb
[2012.05.22 15:44:37 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001sr\loader-00.fbrb
[2012.05.22 15:44:41 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_002\loader-00.fbrb
[2012.05.22 15:44:45 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_002sr\loader-00.fbrb
[2012.05.22 15:44:48 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_003\loader-00.fbrb
[2012.05.22 15:44:53 | 005,837,142 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_003sr\loader-00.fbrb
[2012.05.22 15:44:58 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_004\loader-00.fbrb
[2012.05.22 15:45:03 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_004sdm\loader-00.fbrb
[2012.05.22 15:45:09 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005\loader-00.fbrb
[2012.05.22 15:46:02 | 006,014,815 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005gr\loader-00.fbrb
[2012.05.22 15:46:24 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005sr\loader-00.fbrb
[2012.05.22 15:46:32 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006\loader-00.fbrb
[2012.05.22 15:46:38 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006cq\loader-00.fbrb
[2012.05.22 15:46:42 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006sdm\loader-00.fbrb
[2012.05.22 15:46:48 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007\loader-00.fbrb
[2012.05.22 15:46:56 | 006,098,333 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007gr\loader-00.fbrb
[2012.05.22 15:47:00 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007sdm\loader-00.fbrb
[2012.05.22 15:47:07 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008\loader-00.fbrb
[2012.05.22 15:47:14 | 006,029,512 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008cq\loader-00.fbrb
[2012.05.22 15:47:22 | 006,015,553 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008sdm\loader-00.fbrb
[2012.05.22 15:47:26 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009cq\loader-00.fbrb
[2012.05.22 15:47:30 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009gr\loader-00.fbrb
[2012.05.22 15:47:34 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009sdm\loader-00.fbrb
[2012.05.22 15:47:40 | 005,878,478 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009sr\loader-00.fbrb
[2012.05.22 15:47:48 | 006,018,369 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012cq\loader-00.fbrb
[2012.05.22 15:47:53 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012gr\loader-00.fbrb
[2012.05.22 15:47:58 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012sr\loader-00.fbrb
[2012.05.22 15:48:02 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002gr\loader-00.fbrb
[2012.05.22 15:48:05 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002sdm\loader-00.fbrb
[2012.05.22 15:48:08 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002sr\loader-00.fbrb
[2012.05.22 15:48:12 | 001,612,131 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_005cq\loader-00.fbrb
[2012.05.22 15:48:16 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_005sdm\loader-00.fbrb
[2012.05.22 15:44:21 | 007,593,208 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp2_common\loader-00.fbrb
[2012.05.22 15:49:27 | 063,933,148 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_common\loader-00.fbrb
[2012.05.22 15:49:30 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002cq\loader-00.fbrb
[2012.05.22 15:49:32 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002r\loader-00.fbrb
[2012.05.22 15:49:34 | 000,001,204 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002sdm\loader-00.fbrb
[2012.05.22 15:49:36 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002sr\loader-00.fbrb
[2012.05.22 15:49:37 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003cq\loader-00.fbrb
[2012.05.22 15:49:39 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003r\loader-00.fbrb
[2012.05.22 15:49:41 | 000,001,203 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003sdm\loader-00.fbrb
[2012.05.22 15:49:43 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003sr\loader-00.fbrb
[2012.05.22 15:49:44 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005cq\loader-00.fbrb
[2012.05.22 15:49:46 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005r\loader-00.fbrb
[2012.05.22 15:49:48 | 000,001,205 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005sdm\loader-00.fbrb
[2012.05.22 15:49:50 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005sr\loader-00.fbrb
[2012.05.22 15:49:54 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006cq\loader-00.fbrb
[2012.05.22 15:49:56 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006r\loader-00.fbrb
[2012.05.22 15:49:58 | 000,001,203 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006sdm\loader-00.fbrb
[2012.05.22 15:50:00 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006sr\loader-00.fbrb
[2012.05.22 15:50:03 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007cq\loader-00.fbrb
[2012.05.22 15:50:05 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007r\loader-00.fbrb
[2012.05.22 15:50:06 | 000,001,202 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007sdm\loader-00.fbrb
[2012.05.22 15:50:08 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007sr\loader-00.fbrb
[2012.05.22 15:50:12 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_003_b\loader-00.fbrb
[2012.05.22 15:50:15 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_004_b\loader-00.fbrb
[2012.05.22 15:50:18 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_005\loader-00.fbrb
[2012.05.22 15:50:23 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_005_b\loader-00.fbrb
[2012.05.22 15:50:27 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_006\loader-00.fbrb
[2012.05.22 15:50:30 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_007\loader-00.fbrb
[2012.05.22 15:50:34 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_008\loader-00.fbrb
[2012.05.22 15:50:38 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_008_b\loader-00.fbrb
[2012.05.22 15:50:40 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_009\loader-00.fbrb
[2012.05.22 15:50:43 | 001,131,275 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_01\loader-00.fbrb
[2012.05.22 15:50:46 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_02\loader-00.fbrb
[2012.05.22 15:50:52 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_03\loader-00.fbrb
[2012.05.22 15:50:55 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_04\loader-00.fbrb
[2013.05.28 13:02:58 | 000,000,118 | ---- | M] () -- \Program Files (x86)\GRID 2\audio\audio_loader.xml
[2013.01.01 01:00:00 | 000,064,832 | ---- | M] () -- \Program Files (x86)\Metro Last Light\PhysXLoader.dll
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 02:57:18 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 04:51:22 | 000,001,648 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 04:51:22 | 000,004,525 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2012.11.01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 10:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.05 00:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.02.27 23:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012.02.27 23:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012.02.27 23:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012.02.27 23:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2013.07.18 19:48:55 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\aceofspades\_win32sysloader.pyd
[2013.07.06 05:06:02 | 000,002,713 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\APB Reloaded\APBGame\Gecko\Data\components\uriloader.xpt
[2013.07.06 04:36:14 | 000,065,536 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\PhysXLocal\PhysXLoader.dll
[2013.07.18 17:32:50 | 000,064,352 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\game\PHYSXLOADER.DLL
[2013.03.15 13:58:48 | 000,329,248 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\ubiorbitapi_r2_loader.dll
[2013.03.15 13:58:50 | 000,300,064 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\uplay_r1_loader.dll
[2013.07.21 00:53:30 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\ubiorbitapi_r2_loader.dll
[2013.07.21 00:52:04 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\uplay_r1_loader.dll
[2013.07.21 00:53:30 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\orbit\ubiorbitapi_r2_loader.dll
[2013.07.21 00:52:04 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\orbit\uplay_r1_loader.dll
[2013.07.16 09:35:19 | 000,071,208 | ---- | M] () -- \Program Files (x86)\World of Tanks\PhysXLoader.dll
[2013.07.16 09:35:19 | 000,003,668 | ---- | M] () -- \Program Files (x86)\World of Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.07.16 09:35:19 | 000,006,463 | ---- | M] () -- \Program Files (x86)\World of Tanks\res\scripts\client\tutorial\loader.pyc
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2013.06.23 20:28:35 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.06.23 20:28:35 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.06.23 20:28:36 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.06.23 20:28:35 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.06.23 20:28:35 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.06.23 20:28:36 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.24 22:16:03 | 000,001,511 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\763WONBG\AdLoader[1].htm
[2013.07.08 01:15:42 | 000,141,216 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\763WONBG\bi_downloader[1].exe
[2013.06.24 22:16:03 | 000,109,448 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3A5E5CS\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.20 14:04:39 | 000,000,723 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3A5E5CS\downloaderror[1].js
[2013.07.20 14:04:39 | 000,001,174 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J3A5E5CS\downloader[1].js
[2013.06.19 23:14:35 | 000,160,306 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNNXBOZD\cssloader-46db62613d77[1].css
[2013.06.19 23:14:35 | 000,423,237 | ---- | M] () -- \Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNNXBOZD\jsloader-b055ab478ab6[1].js
[2013.03.04 23:15:15 | 000,001,471 | ---- | M] () -- \Users\Jarda\Desktop\FreeRapid Downloader.lnk
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[6 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[6 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.05.31 22:27:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.05.31 22:27:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.05.31 22:27:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.05.31 22:27:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.05.31 22:27:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

Re: Preventivka

Napsal: 26 črc 2013 13:06
od Jarda62
< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.10.24 05:22:54 | 000,188,993 | ---- | M] () -- \Program Files (x86)\datamodeler\datamodeler\lib\serializer-2.7.0.jar
[2012.10.24 05:22:54 | 000,003,541 | ---- | M] () -- \Program Files (x86)\datamodeler\modules\oracle.xdk_11.1.0\xsqlserializers.jar
[2009.09.30 20:16:22 | 000,000,602 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VB\Snippets\1033\other\connectivity\EnumerateSerialPorts.snippet
[2009.09.30 20:16:22 | 000,001,173 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VB\Snippets\1033\other\connectivity\ReadDatafromaSerialPort.snippet
[2009.09.30 20:16:22 | 000,001,498 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 10.0\VB\Snippets\1033\other\connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2010.03.18 20:31:26 | 000,370,552 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,042,904 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 04:48:08 | 000,009,272 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2009.08.31 04:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.xml
[2010.03.18 20:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 20:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 23:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.xml
[2010.03.18 20:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 20:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 23:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.xml
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.08.31 04:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2013.07.06 04:44:41 | 000,027,728 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\AutoReporter.XmlSerializers.dll
[2013.03.14 23:32:55 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Team Fortress 2\bin\dmserializers.dll
[2013.03.14 23:32:55 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\jarda62\team fortress 2\bin\dmserializers.dll
[2013.07.16 09:35:19 | 000,003,206 | ---- | M] () -- \Program Files (x86)\World of Tanks\res\scripts\client\gui\scaleform\gui_items\serializers.pyc
[2013.06.23 20:28:31 | 000,015,752 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\bin\serialver.exe
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.03.08 19:17:41 | 000,063,328 | ---- | M] () -- \Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Management.DacSerialization\10.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.Management.DacSerialization.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.12 10:27:22 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a300d50e46379ad6eca7f58e63f4ed70\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 10:27:50 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
[2013.07.12 10:26:10 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\4258a9ffeaf0e191d644b7cb7ee72997\System.Runtime.Serialization.ni.dll
[2013.07.12 10:24:58 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\57b0253cccdd14c5745b9f1ff8eb3d67\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 15:46:17 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\019138f2a710692d0ee8fbc27ca67752\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 15:48:52 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\581738ee2908eb821c44dac62e43d104\System.Runtime.Serialization.ni.dll
[2013.07.10 15:50:19 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\be61526774283090a744630b4c69d2d0\System.Xml.Serialization.ni.dll
[2013.07.10 15:53:05 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7a9f11a56b338479e458f63a2df7640e\System.Runtime.Serialization.ni.dll
[2013.07.10 15:53:47 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\d3d52021412bf6172019acb60b512baa\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 15:55:42 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\4d8d8f9950114debb359d9fbf09bb01c\System.Xml.Serialization.ni.dll
[2013.01.27 20:53:07 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.10 15:07:19 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.27 20:53:07 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.07.10 15:07:19 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.10 15:07:22 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.08.31 04:48:08 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 13:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 13:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[6 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[6 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.05.31 22:26:31 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.05.31 22:26:32 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFPVHRP275D836HNTHKP9KTLWJMHFSVF7JBCVPJGV
@Alternate Data Stream - 961 bytes -> C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 1162 bytes -> C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2BE9FEFC
@Alternate Data Stream - 1010 bytes -> C:\Users\Jarda\AppData\Local\KVhzhHTU:h9UuJNRkfxm06StgYRlAk5
< End of report >


OTL Extras logfile created on: 26.7.2013 13:34:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jarda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,97 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 69,94% Memory free
15,94 Gb Paging File | 12,94 Gb Available in Paging File | 81,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 28,29 Gb Free Space | 6,08% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F17357-FEB8-476F-A324-6AD6A892622C}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{108614A5-CF9C-4E78-8A31-193AC2810A64}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{12C0265F-4193-44AC-87F3-6DABC24CDAAC}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{12E2E97B-CC2F-40A4-8477-E5FBC5173709}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{34C352CF-980C-408D-99A8-590C820E91A7}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{375F6370-8A9D-4BE2-A07A-5F3C56D9840B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45A4BB1B-DA40-440B-9307-4A3E3B47573C}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{56F7573D-B15F-4A29-BF51-6931681B51FA}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{72BA7110-67DC-46E1-84B1-64FAC8A1217B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75F58E47-B16D-49D4-B606-BE03A0B6A91F}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{81377BC5-6D90-4959-86C9-0DE4DA56AA7D}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{AA43952D-A249-4561-8D2D-D245F9DD46E1}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{B0A2404B-BAF7-440A-BF81-E9CEC2E41649}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{E3EB0DD5-A796-447F-9F63-6B9666C3C3EC}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{EEC576CF-DDEE-4696-B916-D0AC4EB85D10}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{FFA07287-409E-49A8-BA03-E2C6C44AA5EE}" = lport=3478 | protocol=17 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046F1958-7643-4D90-8119-53B71943CB57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{08212602-8489-4F07-AB8C-279D44062EF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{0A9D9865-7FF8-4042-A76A-24779116D4E7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{0BEEE2A8-7082-4E96-8C41-8B4FFBC0D801}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{0BF1A476-B797-455F-85EF-897A752B56AF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0DE5355B-4E59-455A-84E9-82F3B51ABC15}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0E2C7ECA-A848-44C2-AF8E-5F445D8ED110}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{0E2CD3FB-BC4F-4512-BF49-DE211AF33A49}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1726C051-D9E6-4D20-BB09-77CA961AA352}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{1886048E-4D04-42D6-A9D9-6CC40B31BF3F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\trials evolution gold edition\datapack\trialsfmx.exe |
"{190C196F-A9BB-4C2B-BD93-D7E0D056B229}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DB8044C-0A90-458D-AF06-F0BA20AFE360}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{1EF01B0A-123F-4E10-BFB7-8B34EB22A7A2}" = protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{218F222C-31A1-4465-A7F7-4DACF7B56E4B}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{234241BE-1115-45A1-A42F-0A84F6E0A63F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{29D52CA1-4BB5-4EAB-9D79-E0169D15872E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{2A9574F3-8FDF-4CEF-A402-C7E67FA646E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{2D0B196D-EC67-424B-998E-37D339BE7F92}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2ED61A8D-E27D-4EC8-8931-1CE080A88DB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{35127654-E49C-40CD-AC5F-ECF1593DEDF0}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{38E5A9D0-1856-4829-B587-E72269312928}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{39C9623A-84B4-4DE4-A4F9-64EC7A40E6EE}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{414CE891-DCEC-452E-828D-8DF967E28EC2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\trials evolution gold edition\trials_launcher.exe |
"{44D50FD6-096E-49C9-A012-98639F6790CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{453AB77C-4F30-416C-B898-D4EC7C54778A}" = protocol=6 | dir=in | app=c:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe |
"{49CA50D9-CB5C-4E20-AED8-D322B59B4519}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4BEB15FF-9BF0-4EF7-B1BA-7915D0C5A806}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C4E4361-E384-47BB-BC56-15C8E3B16EA7}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{4C9D1C5E-D398-483D-AFE8-C668BC8CBAB6}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{4CFF983D-5B23-42E7-8C61-0E6F7FD84D01}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\trials evolution gold edition\trials_launcher.exe |
"{57403B49-5EF5-4D56-93A7-4580714F2DF7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A46A54B-08CF-4266-8BBD-255A618E12BA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{5A67B626-9837-4693-99D9-4EE922BD3EE0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5BBEF8B6-ED02-4D3C-BDC0-B5B05FC580B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{5BC2658D-3637-4F39-B59C-C9B18226F45F}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{5F5A0551-0606-47DE-9356-AA961EED0205}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{6155764C-2655-4AEC-9EFE-6BABBC6B2197}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6526583A-1F85-4CE3-9CE6-BF61126D1BD9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{69EFD49B-0FD8-4FB8-A328-C10E4D7BD49A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{70DD68BF-19A0-4E74-A812-22DF60732EA4}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{71DBC4BD-79E1-48D2-86ED-EA023D693EFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{727D6D1C-0CDD-4AA4-8D11-FA1E094DFFA4}" = protocol=6 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{7AD994F8-E038-4561-81C6-D7ECC8E36C83}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{805ACFD6-D142-4FC7-A722-C7F158A3504D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{876E8F91-FA41-47A8-8FED-3491B06DED23}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\trials evolution gold edition\datapack\trialsfmx.exe |
"{8AAFE045-1BEB-4C6E-A8FF-6572DA24CF6A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{8B3C6555-8990-4870-9B96-05BCA402B789}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8E72F306-9B73-47DF-8F56-2D6F2C7CFC50}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{941DCFD9-C171-4BF8-B3FD-29CFFD91A110}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{9D5CDA25-B700-4B8E-80DF-24D9601F5AF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8735016-CEFA-4D9A-924F-89833606A77E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{AA05BD4D-E7BF-4D02-80BD-1A7E8817D4E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ACF3A166-1A48-4A06-B803-F1CA672C8430}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{B4BEF2A5-0BC3-4F45-BCDC-3673788B9470}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{B69868D9-422E-4B5C-97DC-D72B072F6470}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{B9197A8B-06E9-4F74-8CD8-54FEE7DC386C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{BA96E895-5F9A-4B5B-A0D9-D61B0E279771}" = protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{BD5AEB0C-D063-452E-9693-65D9A5FD7596}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{BFF42F29-BFFB-4EE1-A7D4-0D05BFDCDDDA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C7961FFC-0BC8-4BC8-B9EB-28605AF7B231}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{C8ED5CA5-BBC1-47F0-9EE0-464D5C5F06AE}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C96DF79D-5DCA-4D7B-AB48-ACA9B1F23B79}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{CA0C1A69-EA1D-46AF-A90F-04FD114D955F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA9AB5E1-F723-4819-A816-B4889CF99B0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{CCB0C34B-C570-4938-8A81-7B21A4DDE727}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEEABDF4-7770-44AD-81CF-538782FC9633}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{CF707F15-D8E0-4928-99E7-E9E8F60798D0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D38B7B42-7A50-48C9-803C-22666074AD4F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D6A6A3C5-FBFE-4F4E-A2E8-6C1E173F3DA7}" = protocol=17 | dir=in | app=c:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe |
"{D80A7973-5877-4529-BB3A-5F2291FBF207}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D81FAA63-BB3C-4627-9F73-0E00D51A494F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{DD12F587-AEB9-4BF9-BB33-FDEA0D2D7879}" = protocol=17 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{DED1FD6D-1894-41E0-910B-8E0992810389}" = protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E4E38AAB-F3BB-4B58-AD18-D1AF4C1B7CC7}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E7B811DC-057D-47BC-B9D4-00C9BBDD6399}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ED5F5F24-C401-49D0-8564-123804EE6798}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{EDB0EBB4-A53F-4001-A834-0C1E0086E13F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F0369B2B-7F57-4EC7-9EE0-02A37D24B4AB}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{F4849C22-E79F-437D-89C1-61E6B22546D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{F5411598-AF00-4916-B0D1-5B3EA7EC3A65}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{FBD70BC2-2FBA-457C-AC50-7682222C733B}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"TCP Query User{28672245-33BF-48F4-9BC5-7BF3E5C53F3B}C:\program files (x86)\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of tanks\wotlauncher.exe |
"TCP Query User{292CB2CB-CF89-4559-ACD1-57543C641749}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"TCP Query User{50B51190-EA69-4BB5-9165-BB4B7BE5C558}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"TCP Query User{5D733D77-2A7F-4212-9C31-BD6E8BC1E42F}C:\program files (x86)\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dead space\dead space.exe |
"TCP Query User{61AC63A1-C317-4DD0-AE95-36298E387DF2}C:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe" = protocol=6 | dir=in | app=c:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe |
"TCP Query User{7F6BA4F1-72B9-4BF7-8007-A9F4EBAD11BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8564D7BA-554E-49C5-A968-2888F2014DC3}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{8C8E89B3-82F0-4EC7-9CEA-A727D34D9FB2}C:\program files (x86)\company of heroes 2\reliccoh2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\company of heroes 2\reliccoh2.exe |
"TCP Query User{91E51B07-AE91-4E69-B9BC-C442DBC7C253}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe |
"TCP Query User{958D9D3D-EB8A-404E-AC4B-02A65637DA8A}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{A3A663ED-77BE-4645-AA1E-8552BA6BE7C9}C:\program files (x86)\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of tanks\worldoftanks.exe |
"TCP Query User{A5BF28B2-6DBA-4C6C-ABBA-80490292D3CD}C:\program files (x86)\duke nukem 3d megaton edition\bin\duke3d.exe" = protocol=6 | dir=in | app=c:\program files (x86)\duke nukem 3d megaton edition\bin\duke3d.exe |
"TCP Query User{B15FC3B5-5711-486E-86C2-DF54D0EAA3CB}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{C931C602-4A3F-438D-8C21-A9EB252D50C1}C:\program files (x86)\metro last light\metrollbenchmark.exe" = protocol=6 | dir=in | app=c:\program files (x86)\metro last light\metrollbenchmark.exe |
"TCP Query User{FC45EB5B-2923-4B6F-BC8C-27ABC52ECA1F}C:\program files (x86)\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"UDP Query User{3064EE96-25F9-4265-805A-893F6E409BEC}C:\program files (x86)\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"UDP Query User{339814E5-C516-4F11-BFE3-183078AF9561}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{360EB594-7D2B-4BD0-8A98-EC6ED21627CE}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe |
"UDP Query User{37D3020C-E790-41A9-866D-2978485D3759}C:\program files (x86)\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of tanks\wotlauncher.exe |
"UDP Query User{447903A5-23D4-4E68-AE19-FD28B1CD773C}C:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{5514942F-2E4B-4E46-BE49-8608E691570F}C:\program files (x86)\duke nukem 3d megaton edition\bin\duke3d.exe" = protocol=17 | dir=in | app=c:\program files (x86)\duke nukem 3d megaton edition\bin\duke3d.exe |
"UDP Query User{58D94A8F-7969-4953-9B87-8E807826BC1D}C:\program files (x86)\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dead space\dead space.exe |
"UDP Query User{5B73EA0C-BE84-4582-BECC-AC02146A412F}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{72B4C500-8B68-4E63-9273-0430B93246AE}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"UDP Query User{8C8C3F75-5D2F-41AA-A462-3DB61B7A2449}C:\program files (x86)\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of tanks\worldoftanks.exe |
"UDP Query User{8E34C482-1570-408C-A904-D9DF4C50AC41}C:\program files (x86)\company of heroes 2\reliccoh2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\company of heroes 2\reliccoh2.exe |
"UDP Query User{A3B30124-AEE4-4380-87FE-65BFBE23C5D5}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"UDP Query User{A43B6057-E9E9-4EE2-BAD7-57A718376272}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{D6E5994C-43D3-4873-9628-80129970D086}C:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe" = protocol=17 | dir=in | app=c:\users\jarda\appdata\local\temp\rar$exa0.183\tc connection test\tcct.exe |
"UDP Query User{E7A478C1-C520-406D-AD0E-00AF1CD99A5E}C:\program files (x86)\metro last light\metrollbenchmark.exe" = protocol=17 | dir=in | app=c:\program files (x86)\metro last light\metrollbenchmark.exe |

Re: Preventivka

Napsal: 26 črc 2013 13:06
od Jarda62
========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC5
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E6ED082-E32D-4B2B-8B6A-70B094815135}" = Microsoft SQL Server System CLR Types (x64)
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.8 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170250}" = Java SE Development Kit 7 Update 25 (64-bit)
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDE42F8A-12EA-4344-BC5C-E0CC3CBB2B51}" =
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.6
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07D857B8-C956-401D-BC8F-EDA8459AF037}" = Trials Evolution Gold Edition
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.3
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{34D9106C-A947-47ED-B4AB-764736350769}" = Minecraft
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}_is1" = Battlefield: Bad Company 2 795745
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{434D0FA0-AB8C-497F-B30A-7A1000018201}" = DiRT 3
"{434D0FA0-AB8C-497F-B30A-7A1000018202}" = DiRT 3
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{54510837-A0FE-4638-8AB9-F21000028401}" = Red Faction: Guerrilla
"{54510837-A0FE-4638-8AB9-F21000038401}" = Red Faction: Guerrilla
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8308}" = Grand Theft Auto IV
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D76A1EA2-AB18-40B4-95CF-1567DDB24D1C}_is1" = Grand Theft Auto: Vice City Stories version 3.0 BETA 'Blue Hesper'
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.252
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}" = Microsoft Primary Interoperability Assemblies 2010
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"aTube Catcher" = aTube Catcher
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bioshock Infinite_is1" = Bioshock Infinite
"Company of Heroes 2_is1" = Company of Heroes 2
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.4.1 Shizuku Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dead Space_is1" = Dead Space version 1.0.0.222
"DMC Devi May Cry (c) Capcom_is1" = DMC Devi May Cry (c) Capcom version 1
"Duke Nukem 3D Megaton Edition_is1" = Duke Nukem 3D Megaton Edition version 1.00
"ESN Sonar-0.70.4" = ESN Sonar
"FileHippo.com" = FileHippo.com Update Checker
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{07D857B8-C956-401D-BC8F-EDA8459AF037}" = Trials Evolution Gold Edition
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.9.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Metro Last Light_is1" = Metro Last Light
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"Mozilla Thunderbird 17.0.7 (x86 cs)" = Mozilla Thunderbird 17.0.7 (x86 cs)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"R1JJRDI=_is1" = GRID 2 (c) Codemasters version 1
"Rockstar Games Social Club" = Rockstar Games Social Club
"RollerCoaster Tycoon Deluxe_is1" = RollerCoaster Tycoon Deluxe
"SpeedFan" = SpeedFan (remove only)
"Steam App 11020" = TrackMania Nations Forever
"Steam App 113400" = APB Reloaded
"Steam App 201790" = Orcs Must Die! 2
"Steam App 206210" = Gotham City Impostors: Free To Play
"Steam App 224540" = Ace of Spades
"Steam App 230410" = Warframe
"Steam App 440" = Team Fortress 2
"Steam App 620" = Portal 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 8" = TeamViewer 8
"Torchlight II_is1" = Torchlight II v1.25.5.2
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.7

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2012" = QIP 2012 4.0.8866

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.7.2013 12:46:58 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x119c Čas spuštění chybující aplikace: 0x01ce83cf2f88a808 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: a9031a94-efc9-11e2-a8aa-8c89a56ceef5

Error - 18.7.2013 19:20:37 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x4b0 Čas spuštění chybující aplikace: 0x01ce83ead48951d9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: a6f20ccf-f000-11e2-a8aa-8c89a56ceef5

Error - 19.7.2013 18:13:30 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: nvd3dum.dll, verze: 9.18.13.1422, časové razítko:
0x51427c76 Kód výjimky: 0xc0000005 Posun chyby: 0x0067e8f1 ID chybujícího procesu:
0x5d0 Čas spuštění chybující aplikace: 0x01ce84b501847546 Cesta k chybující aplikaci:
C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta k chybujícímu
modulu: C:\Windows\system32\nvd3dum.dll ID zprávy: 70d3a3df-f0c0-11e2-b06d-8c89a56ceef5

Error - 20.7.2013 11:32:22 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x76c Čas spuštění chybující aplikace: 0x01ce8551e60069c6 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: 91bb8bd2-f151-11e2-a92b-8c89a56ceef5

Error - 22.7.2013 10:43:15 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x12f8 Čas spuštění chybující aplikace: 0x01ce86de52115123 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: 0a478afe-f2dd-11e2-b8b8-8c89a56ceef5

Error - 22.7.2013 12:35:03 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x1730 Čas spuštění chybující aplikace: 0x01ce86f8c3d45797 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: a819b78a-f2ec-11e2-b8b8-8c89a56ceef5

Error - 22.7.2013 15:04:46 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: nvd3dum.dll, verze: 9.18.13.1422, časové razítko:
0x51427c76 Kód výjimky: 0xc0000005 Posun chyby: 0x0067e8f1 ID chybujícího procesu:
0x99c Čas spuštění chybující aplikace: 0x01ce870cee8c9832 Cesta k chybující aplikaci:
C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta k chybujícímu
modulu: C:\Windows\system32\nvd3dum.dll ID zprávy: 92e66606-f301-11e2-b8b8-8c89a56ceef5

Error - 22.7.2013 15:23:36 | Computer Name = Jarda-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 22.7.2013 20:12:01 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0xe00 Čas spuštění chybující aplikace: 0x01ce873894aa53fa Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: 7e894e2a-f32c-11e2-b884-8c89a56ceef5

Error - 23.7.2013 10:42:21 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x1308 Čas spuštění chybující aplikace: 0x01ce87ac1dfdf6e4 Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: 1407a2fd-f3a6-11e2-bcda-8c89a56ceef5

Error - 23.7.2013 16:47:15 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: steam.dll_unloaded, verze: 0.0.0.0, časové
razítko: 0x51d34188 Kód výjimky: 0xc0000005 Posun chyby: 0x301243d0 ID chybujícího
procesu: 0x934 Čas spuštění chybující aplikace: 0x01ce87dedc03b80f Cesta k chybující
aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe Cesta
k chybujícímu modulu: steam.dll ID zprávy: 0e0c8bcd-f3d9-11e2-a4c5-8c89a56ceef5

[ System Events ]
Error - 22.7.2013 15:09:28 | Computer Name = Jarda-PC | Source = DCOM | ID = 10010
Description =

Error - 22.7.2013 16:23:44 | Computer Name = Jarda-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
10.0.0.1. Počítač s IP adresou 10.0.0.2 nepovolil získání názvu tímto počítačem.

Error - 22.7.2013 16:28:54 | Computer Name = Jarda-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
10.0.0.1. Počítač s IP adresou 10.0.0.2 nepovolil získání názvu tímto počítačem.

Error - 22.7.2013 16:34:04 | Computer Name = Jarda-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
10.0.0.1. Počítač s IP adresou 10.0.0.2 nepovolil získání názvu tímto počítačem.

Error - 22.7.2013 16:44:18 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.

Error - 22.7.2013 16:44:19 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).

Error - 22.7.2013 16:44:19 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 22.7.2013 16:58:54 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 22.7.2013 17:44:21 | Computer Name = Jarda-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 24.7.2013 3:05:28 | Computer Name = Jarda-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >

Re: Preventivka

Napsal: 27 črc 2013 09:23
od Márty84
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
SkypeUpdate

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[6 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFPVHRP275D836HNTHKP9KTLWJMHFSVF7JBCVPJGV
@Alternate Data Stream - 961 bytes -> C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 1162 bytes -> C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:2BE9FEFC
@Alternate Data Stream - 1010 bytes -> C:\Users\Jarda\AppData\Local\KVhzhHTU:h9UuJNRkfxm06StgYRlAk5

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"DAEMON Tools Lite"=-
"Steam"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware] /64
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Re: Preventivka

Napsal: 27 črc 2013 14:04
od Jarda62
Tady je log.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jarda
->Temp folder emptied: 42176741 bytes
->Temporary Internet Files folder emptied: 47331905 bytes
->Java cache emptied: 8240101 bytes
->FireFox cache emptied: 46795186 bytes
->Google Chrome cache emptied: 281570257 bytes
->Flash cache emptied: 58761 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser

User: UpdatusUser.Jarda-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 4857104 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 131304 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 411,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jarda
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

User: UpdatusUser.Jarda-PC
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8517.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8595.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF9F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAFDE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF382.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2A98.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP73F8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8797.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB7FA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC61C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE6A6.tmp folder deleted successfully.
ADS C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFPVHRP275D836HNTHKP9KTLWJMHFSVF7JBCVPJGV deleted successfully.
ADS C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE deleted successfully.
ADS C:\ProgramData\TEMP:8927A071 deleted successfully.
ADS C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X deleted successfully.
ADS C:\ProgramData\TEMP:2BE9FEFC deleted successfully.
ADS C:\Users\Jarda\AppData\Local\KVhzhHTU:h9UuJNRkfxm06StgYRlAk5 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07272013_150023

Files\Folders moved on Reboot...
C:\Users\Jarda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Preventivka

Napsal: 27 črc 2013 18:06
od Márty84
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz