VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=132546

Stránka 1 z 1

Prosím o kontrolu

Napsal: 03 zář 2013 19:08
od R1dd14k
Zde je LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2013-09-03 20:03:37
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 159 GB (33%) free of 477 GB
Total RAM: 8191 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:40, on 3.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\programs\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Programs\Sticky Password\stpass.exe
C:\Program Files\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Programs\Process Explorer\procexp.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Programs\Winamp\winamp.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Bělis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\programs\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\programs\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\programs\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [StickyPassword] C:\Programs\Sticky Password\stpass.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bělis\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: procexp – zástupce.lnk = C:\Programs\Process Explorer\procexp.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\programs\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\programs\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\programs\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10728 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\SysWOW64\bgsvcgen.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\programs\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\programs\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2392
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c70ce2a1-3514-492f-a04d-df5488099ec6 -SystemEventPortName:HostProcess-20302a43-e4f9-440d-ae2d-5fd8377284c5 -IoCancelEventPortName:HostProcess-da7047dc-8f92-45cf-8804-91c01bba30c3 -NonStateChangingEventPortName:HostProcess-95887dc0-633e-449f-8efd-245f9a163482 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c2d20f92-1c33-47cc-a68d-8b66f667af96 -DeviceGroupId:WpdFsGroup
"C:\programs\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Programs\Sticky Password\stpass.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Programs\Process Explorer\procexp.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Programs\Process Explorer\procexp.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Programs\Winamp\winamp.exe" "J:\Hudba\!PUNK & ROCK & ALTERNATIVE ROCK & METAL\KABÁT\1992 Má ji motorovou"
C:\Windows\system32\sppsvc.exe
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5288.0.2103414738\352226741" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.930.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control14 pct:10d m29stable:pp2/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5288.2.1246306759\937770246" /prefetch:673131151
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control14 pct:10d m29stable:pp2/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5288.3.1929719414\1862342063" /prefetch:673131151
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Programs\Sticky Password\npspAutofill.dll" --lang=cs --channel="5288.4.431527190\1343339656" /prefetch:-390060480
"C:\Users\Bělis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control14 pct:10d m29stable:pp2/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5288.7.331520510\2063944858" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"J:\!DOWNLOADS\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bělis\AppData\Roaming\Mozilla\Firefox\Profiles\7xmqw4co.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\programs\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\programs\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\programs\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-23 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\programs\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StickyPassword"=C:\Programs\Sticky Password\stpass.exe [2012-07-11 2905464]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Google Update"=C:\Users\Bělis\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-07-26 844656]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-07-26 1564016]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-07-26 844656]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2013-08-06 8502256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programs\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Bělis\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-07-26 844656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-07-26 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programs\Winamp\winampa.exe [2010-06-29 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk]
C:\PROGRA~2\COMMON~1\PANASO~1\HDWRIT~1\HDWRIT~1.EXE [2011-11-12 292736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoCam Suite.lnk]
C:\PROGRA~2\COMMON~1\PANASO~1\VIDEOC~1\VIDEOC~1.EXE [2009-12-26 349600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Watchps3.exe.lnk]
C:\Windows\VID_05~1\Watchps3.exe [2009-11-10 61440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"BCSSync"=C:\programs\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe
procexp – zástupce.lnk - C:\Programs\Process Explorer\procexp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\programs\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\PROGRAMS\PROCESS EXPLORER\PROCEXP.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-31 15:05:02 ----D---- C:\Program Files (x86)\MyFree Codec
2013-08-31 15:01:35 ----A---- C:\Windows\SYSWOW64\FsUsbExService.Exe
2013-08-31 15:01:35 ----A---- C:\Windows\SYSWOW64\FsUsbExDisk.Sys
2013-08-31 15:01:35 ----A---- C:\Windows\SYSWOW64\FsUsbExDevice.Dll
2013-08-27 20:25:19 ----D---- C:\Users\Bělis\AppData\Roaming\Dropbox
2013-08-20 07:02:12 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2013-08-20 07:02:12 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2013-08-18 15:00:40 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-18 15:00:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-18 15:00:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-18 15:00:35 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-18 15:00:35 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-18 15:00:35 ----A---- C:\Windows\system32\wintrust.dll
2013-08-18 15:00:35 ----A---- C:\Windows\system32\crypt32.dll
2013-08-18 15:00:34 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-18 15:00:34 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-18 15:00:34 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-18 15:00:30 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-18 15:00:30 ----A---- C:\Windows\system32\tzres.dll
2013-08-18 15:00:24 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-18 15:00:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-18 15:00:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-18 15:00:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-18 15:00:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-18 15:00:21 ----A---- C:\Windows\system32\ntdll.dll
2013-08-18 15:00:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-18 15:00:20 ----A---- C:\Windows\system32\wow64.dll
2013-08-18 15:00:19 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-18 15:00:19 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-18 15:00:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-18 15:00:18 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-18 15:00:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-18 15:00:06 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-18 14:57:16 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-07 17:19:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-05 13:45:18 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2013-08-05 12:48:37 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2013-08-05 12:44:37 ----D---- C:\ProgramData\Studio 15
2013-08-05 12:44:37 ----D---- C:\ProgramData\Pinnacle Studio Plus
2013-08-05 09:18:24 ----N---- C:\Windows\SYSWOW64\RALMain.dll
2013-08-05 09:18:24 ----N---- C:\Windows\SYSWOW64\MMAviAx.dll
2013-08-05 09:18:24 ----N---- C:\Windows\SYSWOW64\MLPagAx.dll
2013-08-05 09:18:24 ----N---- C:\Windows\SYSWOW64\DiskIO.dll
2013-08-05 09:18:24 ----N---- C:\Windows\SYSWOW64\AVIPrAx.dll
2013-08-05 09:18:24 ----A---- C:\Windows\SYSWOW64\cacheX.dll
2013-08-05 09:18:17 ----N---- C:\Windows\SYSWOW64\Ltrio13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\Ltwvc13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\Ltr13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\ltkrn13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\ltfil13n.DLL
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\LTCLR13s.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\LTCLR13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\LMUIRes.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\LMLRes.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\lftga13s.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\lftga13n.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\lfpsd13s.dll
2013-08-05 09:18:16 ----N---- C:\Windows\SYSWOW64\LFCMP13s.DLL
2013-08-05 09:18:15 ----N---- C:\Windows\SYSWOW64\LFCMP13n.DLL
2013-08-05 09:18:15 ----N---- C:\Windows\SYSWOW64\lfbmp13s.dll
2013-08-05 09:18:15 ----N---- C:\Windows\SYSWOW64\lfbmp13n.dll
2013-08-05 09:15:38 ----A---- C:\Windows\SYSWOW64\atl71.dll
2013-08-05 09:15:38 ----A---- C:\Windows\SYSWOW64\ATL70.DLL
2013-08-05 09:15:36 ----A---- C:\AUTOEXEC.BAT
2013-08-05 09:14:43 ----A---- C:\Windows\SYSWOW64\drivers\Pclepci.sys
2013-08-05 09:13:56 ----A---- C:\Windows\SYSWOW64\MSVCR71.DLL
2013-08-05 09:13:56 ----A---- C:\Windows\SYSWOW64\MSVCP71.DLL
2013-08-05 09:13:56 ----A---- C:\Windows\SYSWOW64\MSVCP70.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MSVCI70.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71u.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71KOR.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71JPN.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71ITA.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71CHT.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71FRA.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71ESP.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71ENU.DLL
2013-08-05 09:13:55 ----A---- C:\Windows\SYSWOW64\MFC71DEU.DLL
2013-08-05 09:13:54 ----A---- C:\Windows\SYSWOW64\MFC71CHS.DLL
2013-08-05 09:13:54 ----A---- C:\Windows\SYSWOW64\MFC71.DLL
2013-08-05 09:13:54 ----A---- C:\Windows\SYSWOW64\MFC70U.DLL
2013-08-05 09:13:54 ----A---- C:\Windows\SYSWOW64\MFC70.DLL
2013-08-05 09:12:34 ----D---- C:\ProgramData\Pinnacle Studio
2013-08-05 09:10:13 ----D---- C:\ProgramData\Pinnacle
2013-08-05 09:10:11 ----D---- C:\Program Files (x86)\Pinnacle
2013-08-04 17:39:38 ----D---- C:\Users\Bělis\AppData\Roaming\IrfanView

======List of files/folders modified in the last 1 month======

2013-09-03 20:03:39 ----D---- C:\Program Files\trend micro
2013-09-03 20:02:40 ----D---- C:\Windows\Temp
2013-09-03 19:59:05 ----D---- C:\Windows\inf
2013-09-03 19:59:05 ----D---- C:\Windows
2013-09-03 19:58:18 ----D---- C:\Users\Bělis\AppData\Roaming\Winamp
2013-09-03 19:58:18 ----D---- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Pro
2013-09-03 19:58:11 ----D---- C:\Users\Bělis\AppData\Roaming\uTorrent
2013-09-03 19:57:43 ----D---- C:\Windows\debug
2013-09-03 19:57:13 ----D---- C:\Program Files\CCleaner
2013-09-03 19:10:47 ----D---- C:\Windows\system32\config
2013-09-03 18:58:20 ----SHD---- C:\System Volume Information
2013-09-03 18:49:30 ----D---- C:\Windows\System32
2013-09-03 18:49:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-03 10:46:42 ----D---- C:\Windows\system32\catroot2
2013-09-01 19:41:00 ----D---- C:\Users\Bělis\AppData\Roaming\vlc
2013-09-01 17:35:10 ----RD---- C:\Program Files (x86)
2013-09-01 17:35:06 ----D---- C:\Windows\system32\Tasks
2013-09-01 17:29:38 ----D---- C:\Windows\SysWOW64
2013-09-01 11:32:39 ----D---- C:\Users\Bělis\AppData\Roaming\TeamViewer
2013-08-31 22:08:01 ----D---- C:\Windows\system32\catroot
2013-08-31 16:02:07 ----RSD---- C:\Windows\Fonts
2013-08-31 16:01:48 ----D---- C:\Program Files (x86)\TeamViewer
2013-08-31 15:37:23 ----D---- C:\Windows\Prefetch
2013-08-31 15:24:21 ----D---- C:\Windows\system32\drivers
2013-08-31 15:24:20 ----D---- C:\Windows\system32\DriverStore
2013-08-31 15:22:26 ----D---- C:\Windows\Microsoft.NET
2013-08-31 15:06:20 ----SHD---- C:\Windows\Installer
2013-08-31 15:06:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-31 15:06:17 ----HD---- C:\Config.Msi
2013-08-31 15:05:49 ----D---- C:\Program Files (x86)\Samsung
2013-08-31 14:58:25 ----D---- C:\ProgramData\Microsoft Help
2013-08-29 20:14:14 ----D---- C:\Windows\rescache
2013-08-19 19:26:46 ----D---- C:\FOTO HTC
2013-08-19 16:43:25 ----RSD---- C:\Windows\assembly
2013-08-19 15:26:32 ----D---- C:\Windows\winsxs
2013-08-18 21:00:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-18 21:00:53 ----D---- C:\Windows\system32\cs-CZ
2013-08-18 21:00:52 ----D---- C:\Windows\AppPatch
2013-08-18 15:04:41 ----D---- C:\Windows\system32\MRT
2013-08-18 15:01:49 ----A---- C:\Windows\system32\MRT.exe
2013-08-15 16:58:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-09 09:34:48 ----D---- C:\Program Files (x86)\QIP 2012
2013-08-05 15:29:05 ----D---- C:\Games
2013-08-05 13:45:18 ----HD---- C:\ProgramData
2013-08-05 12:49:27 ----D---- C:\Program Files (x86)\Common Files
2013-08-05 11:25:22 ----D---- C:\TEMP
2013-08-05 09:58:00 ----D---- C:\Windows\AutoKMS
2013-08-05 09:47:13 ----D---- C:\Windows\Tasks
2013-08-05 09:14:43 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-04 17:12:31 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-10-04 55952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-20 526392]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-08-25 39208]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-20 271424]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-02-01 230352]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-15 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-15 43680]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 AODDriver2;AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-05-10 82816]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-24 253728]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-07-18 37344]
S3 GF0268;PS3 USB GAMEPAD; C:\Windows\system32\DRIVERS\GF0268.sys [2008-01-16 16432]
S3 gwiopm;gwiopm; \??\C:\Users\BLIS~1\AppData\Local\Temp\HBCD\gwiopm.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-12-06 235520]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\SysWOW64\bgsvcgen.exe [2007-06-15 145504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MBAMService;MBAMService; C:\programs\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\programs\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-07 136176]
S2 PCLEPCI;PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [2005-02-09 14165]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-07 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\programs\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-07 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-02 1255736]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 04 zář 2013 03:59
od Márty84
Zdravim :)

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Prosím o kontrolu

Napsal: 04 zář 2013 21:00
od R1dd14k
Tak jsem spustil OTL podle návodu (jako správce) a po dokončení mi vyskočil nějaký error.
"Cannot create fileC:\User\Bělis\desktop\cmd.dat"

Zkusil jsem to znovu a nic. Bez toho zaškrtávání a vložení vlastního textu to fungovalo.

log OTL:

OTL logfile created on: 4.9.2013 21:26:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bělis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,12 Gb Available Physical Memory | 63,98% Memory free
16,00 Gb Paging File | 12,79 Gb Available in Paging File | 79,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 153,98 Gb Free Space | 33,07% Space Free | Partition Type: NTFS
Drive J: | 465,75 Gb Total Space | 269,32 Gb Free Space | 57,82% Space Free | Partition Type: NTFS

Computer Name: BĚLIS-PC | User Name: Bělis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.04 20:36:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
PRC - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.08.07 11:42:29 | 011,737,952 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.08.07 11:28:08 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.08.06 14:38:50 | 008,502,256 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2013.07.26 14:43:52 | 000,844,656 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.07.26 14:43:44 | 001,564,016 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.06.05 19:28:40 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.07.11 10:38:24 | 002,905,464 | ---- | M] (Lamantine Software a.s.) -- C:\Programs\Sticky Password\stpass.exe
PRC - [2011.08.17 09:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
PRC - [2011.08.17 09:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010.11.17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.06.29 06:01:20 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Programs\Winamp\winamp.exe
PRC - [2009.02.03 11:32:28 | 003,550,592 | ---- | M] (Sysinternals - http://www.sysinternals.com) -- C:\Programs\Process Explorer\procexp.exe
PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe


========== Modules (No Company Name) ==========

MOD - [2013.09.04 21:20:02 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\winampa.lng
MOD - [2013.09.04 21:20:02 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_orb.lng
MOD - [2013.09.04 21:20:01 | 000,145,408 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\winamp.lng
MOD - [2013.09.04 21:20:01 | 000,142,336 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\vis_milk2.lng
MOD - [2013.09.04 21:20:01 | 000,084,480 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\vis_avs.lng
MOD - [2013.09.04 21:20:01 | 000,015,360 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\out_ds.lng
MOD - [2013.09.04 21:20:01 | 000,013,312 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_wire.lng
MOD - [2013.09.04 21:20:01 | 000,009,728 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_usb.lng
MOD - [2013.09.04 21:20:01 | 000,009,728 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_android.lng
MOD - [2013.09.04 21:20:01 | 000,009,728 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ombrowser.lng
MOD - [2013.09.04 21:20:01 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\vis_nsfs.lng
MOD - [2013.09.04 21:20:01 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\out_wave.lng
MOD - [2013.09.04 21:20:01 | 000,006,144 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_ipod.lng
MOD - [2013.09.04 21:20:01 | 000,006,144 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\out_disk.lng
MOD - [2013.09.04 21:20:01 | 000,005,632 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\tagz.lng
MOD - [2013.09.04 21:20:01 | 000,004,096 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_p4s.lng
MOD - [2013.09.04 21:20:01 | 000,004,096 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_activesync.lng
MOD - [2013.09.04 21:20:01 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\pmp_njb.lng
MOD - [2013.09.04 21:20:01 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\playlist.lng
MOD - [2013.09.04 21:20:00 | 000,050,176 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_local.lng
MOD - [2013.09.04 21:20:00 | 000,042,496 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_disc.lng
MOD - [2013.09.04 21:20:00 | 000,037,376 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_pmp.lng
MOD - [2013.09.04 21:20:00 | 000,021,504 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_mp3.lng
MOD - [2013.09.04 21:20:00 | 000,013,824 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_wm.lng
MOD - [2013.09.04 21:20:00 | 000,013,312 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_online.lng
MOD - [2013.09.04 21:20:00 | 000,012,288 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_playlists.lng
MOD - [2013.09.04 21:20:00 | 000,010,752 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_vorbis.lng
MOD - [2013.09.04 21:20:00 | 000,010,752 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_nsv.lng
MOD - [2013.09.04 21:20:00 | 000,008,704 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_downloads.lng
MOD - [2013.09.04 21:20:00 | 000,008,192 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_history.lng
MOD - [2013.09.04 21:20:00 | 000,007,680 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_plg.lng
MOD - [2013.09.04 21:20:00 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_transcode.lng
MOD - [2013.09.04 21:20:00 | 000,006,656 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_autotag.lng
MOD - [2013.09.04 21:20:00 | 000,006,144 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_wav.lng
MOD - [2013.09.04 21:20:00 | 000,005,632 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_wv.lng
MOD - [2013.09.04 21:20:00 | 000,005,632 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_wave.lng
MOD - [2013.09.04 21:20:00 | 000,005,120 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_rg.lng
MOD - [2013.09.04 21:20:00 | 000,005,120 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_impex.lng
MOD - [2013.09.04 21:20:00 | 000,005,120 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_bookmarks.lng
MOD - [2013.09.04 21:20:00 | 000,004,608 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_mp4.lng
MOD - [2013.09.04 21:20:00 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_nowplaying.lng
MOD - [2013.09.04 21:20:00 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\ml_addons.lng
MOD - [2013.09.04 21:20:00 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_swf.lng
MOD - [2013.09.04 21:19:59 | 000,058,880 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\burnlib.lng
MOD - [2013.09.04 21:19:59 | 000,036,864 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_jumpex.lng
MOD - [2013.09.04 21:19:59 | 000,020,480 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_ff.lng
MOD - [2013.09.04 21:19:59 | 000,019,968 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_midi.lng
MOD - [2013.09.04 21:19:59 | 000,019,968 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_ml.lng
MOD - [2013.09.04 21:19:59 | 000,017,920 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_mod.lng
MOD - [2013.09.04 21:19:59 | 000,012,800 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\dsp_sps.lng
MOD - [2013.09.04 21:19:59 | 000,012,288 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_cdda.lng
MOD - [2013.09.04 21:19:59 | 000,010,240 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_hotkeys.lng
MOD - [2013.09.04 21:19:59 | 000,010,240 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\auth.lng
MOD - [2013.09.04 21:19:59 | 000,009,728 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_aacplus.lng
MOD - [2013.09.04 21:19:59 | 000,008,704 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_timerestore.lng
MOD - [2013.09.04 21:19:59 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_tray.lng
MOD - [2013.09.04 21:19:59 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_orgler.lng
MOD - [2013.09.04 21:19:59 | 000,007,168 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\gen_crasher.lng
MOD - [2013.09.04 21:19:59 | 000,006,656 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_dshow.lng
MOD - [2013.09.04 21:19:59 | 000,006,144 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_wma.lng
MOD - [2013.09.04 21:19:59 | 000,005,632 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_flac.lng
MOD - [2013.09.04 21:19:59 | 000,005,120 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_avi.lng
MOD - [2013.09.04 21:19:59 | 000,005,120 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_lame.lng
MOD - [2013.09.04 21:19:59 | 000,004,608 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_mkv.lng
MOD - [2013.09.04 21:19:59 | 000,004,096 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_vorbis.lng
MOD - [2013.09.04 21:19:59 | 000,004,096 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_flac.lng
MOD - [2013.09.04 21:19:59 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_linein.lng
MOD - [2013.09.04 21:19:59 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\in_flv.lng
MOD - [2013.09.04 21:19:59 | 000,003,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Temp\WLZ9B84.tmp\enc_wav.lng
MOD - [2013.08.24 19:49:53 | 000,410,576 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MOD - [2013.08.24 19:49:52 | 013,594,064 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
MOD - [2013.08.24 19:49:51 | 004,053,456 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013.08.24 19:49:01 | 000,709,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MOD - [2013.08.24 19:49:00 | 000,099,792 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\libegl.dll
MOD - [2013.08.24 19:48:58 | 001,604,560 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2013.08.18 16:37:55 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013.08.18 15:51:42 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013.08.18 15:08:43 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll
MOD - [2013.08.18 15:08:31 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll
MOD - [2013.08.18 15:08:25 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
MOD - [2013.08.18 15:08:22 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013.08.18 15:08:21 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll
MOD - [2013.08.18 15:08:20 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013.08.18 15:08:19 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013.08.06 14:40:28 | 000,881,136 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2013.08.06 14:40:20 | 000,519,152 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\MRA.dll
MOD - [2013.08.06 14:39:46 | 001,072,624 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\InfICQ.dll
MOD - [2013.08.06 14:39:32 | 000,700,400 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\qipweather\qipweather.dll
MOD - [2013.08.06 14:38:56 | 004,663,792 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2013.07.11 14:42:56 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013.04.04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011.02.02 00:41:28 | 000,047,616 | ---- | M] () -- C:\Programs\Winamp\zlib.dll
MOD - [2011.02.02 00:41:27 | 000,083,968 | ---- | M] () -- C:\Programs\Winamp\tataki.dll
MOD - [2011.02.02 00:41:26 | 000,090,112 | ---- | M] () -- C:\Programs\Winamp\System\xml.w5s
MOD - [2011.02.02 00:41:21 | 000,035,840 | ---- | M] () -- C:\Programs\Winamp\System\timer.w5s
MOD - [2011.02.02 00:41:20 | 000,021,504 | ---- | M] () -- C:\Programs\Winamp\System\tagz.w5s
MOD - [2011.02.02 00:41:20 | 000,013,824 | ---- | M] () -- C:\Programs\Winamp\System\primo.w5s
MOD - [2011.02.02 00:41:19 | 000,086,528 | ---- | M] () -- C:\Programs\Winamp\System\png.w5s
MOD - [2011.02.02 00:41:18 | 000,084,480 | ---- | M] () -- C:\Programs\Winamp\System\playlist.w5s
MOD - [2011.02.02 00:41:13 | 000,154,624 | ---- | M] () -- C:\Programs\Winamp\System\jpeg.w5s
MOD - [2011.02.02 00:41:12 | 000,623,104 | ---- | M] () -- C:\Programs\Winamp\System\jnetlib.w5s
MOD - [2011.02.02 00:41:08 | 000,016,384 | ---- | M] () -- C:\Programs\Winamp\System\gracenote.w5s
MOD - [2011.02.02 00:41:07 | 000,019,456 | ---- | M] () -- C:\Programs\Winamp\System\gif.w5s
MOD - [2011.02.02 00:41:06 | 000,014,336 | ---- | M] () -- C:\Programs\Winamp\System\filereader.w5s
MOD - [2011.02.02 00:41:04 | 000,019,456 | ---- | M] () -- C:\Programs\Winamp\System\bmp.w5s
MOD - [2011.02.02 00:41:04 | 000,016,896 | ---- | M] () -- C:\Programs\Winamp\System\dlmgr.w5s
MOD - [2011.02.02 00:41:03 | 000,174,080 | ---- | M] () -- C:\Programs\Winamp\System\auth.w5s
MOD - [2011.02.02 00:41:00 | 000,237,056 | ---- | M] () -- C:\Programs\Winamp\System\aacPlusDecoder.w5s
MOD - [2011.02.02 00:40:52 | 000,047,104 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_usb.dll
MOD - [2011.02.02 00:40:50 | 000,115,200 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.02.02 00:40:49 | 000,135,680 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.02.02 00:40:49 | 000,020,992 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_njb.dll
MOD - [2011.02.02 00:40:47 | 000,051,712 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_android.dll
MOD - [2011.02.02 00:40:46 | 000,030,208 | ---- | M] () -- C:\Programs\Winamp\Plugins\pmp_activesync.dll
MOD - [2011.02.02 00:40:45 | 000,018,432 | ---- | M] () -- C:\Programs\Winamp\Plugins\out_wave.dll
MOD - [2011.02.02 00:40:44 | 000,051,200 | ---- | M] () -- C:\Programs\Winamp\Plugins\out_ds.dll
MOD - [2011.02.02 00:40:43 | 000,022,528 | ---- | M] () -- C:\Programs\Winamp\Plugins\out_disk.dll
MOD - [2011.02.02 00:40:40 | 000,031,232 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_transcode.dll
MOD - [2011.02.02 00:40:39 | 000,033,792 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_rg.dll
MOD - [2011.02.02 00:40:38 | 000,214,528 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_pmp.dll
MOD - [2011.02.02 00:40:37 | 000,061,952 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_plg.dll
MOD - [2011.02.02 00:40:36 | 000,082,944 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_playlists.dll
MOD - [2011.02.02 00:40:35 | 000,125,952 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_online.dll
MOD - [2011.02.02 00:40:34 | 000,291,328 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_local.dll
MOD - [2011.02.02 00:40:33 | 000,056,320 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_impex.dll
MOD - [2011.02.02 00:40:32 | 000,052,224 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_history.dll
MOD - [2011.02.02 00:40:30 | 000,199,680 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_disc.dll
MOD - [2011.02.02 00:40:29 | 000,027,648 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.02.02 00:40:28 | 000,028,672 | ---- | M] () -- C:\Programs\Winamp\Plugins\ml_autotag.dll
MOD - [2011.02.02 00:40:24 | 000,312,320 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_wm.dll
MOD - [2011.02.02 00:40:24 | 000,016,896 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_wave.dll
MOD - [2011.02.02 00:40:23 | 000,216,576 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_vorbis.dll
MOD - [2011.02.02 00:40:22 | 000,023,552 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_swf.dll
MOD - [2011.02.02 00:40:21 | 000,074,752 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_nsv.dll
MOD - [2011.02.02 00:40:20 | 000,050,176 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_mp4.dll
MOD - [2011.02.02 00:40:19 | 000,285,184 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_mp3.dll
MOD - [2011.02.02 00:40:19 | 000,164,352 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_mod.dll
MOD - [2011.02.02 00:40:18 | 000,049,152 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_mkv.dll
MOD - [2011.02.02 00:40:17 | 000,109,568 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_midi.dll
MOD - [2011.02.02 00:40:15 | 000,007,168 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_linein.dll
MOD - [2011.02.02 00:40:14 | 000,043,008 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_flv.dll
MOD - [2011.02.02 00:40:13 | 000,059,904 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_flac.dll
MOD - [2011.02.02 00:40:11 | 000,072,192 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_dshow.dll
MOD - [2011.02.02 00:40:10 | 000,102,400 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_cdda.dll
MOD - [2011.02.02 00:40:09 | 000,068,096 | ---- | M] () -- C:\Programs\Winamp\Plugins\in_avi.dll
MOD - [2011.02.02 00:40:08 | 000,057,344 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_orgler.dll
MOD - [2011.02.02 00:40:08 | 000,025,600 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_tray.dll
MOD - [2011.02.02 00:40:06 | 000,304,640 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_ml.dll
MOD - [2011.02.02 00:40:05 | 000,183,808 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.02.02 00:40:05 | 000,027,648 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.02.02 00:40:04 | 001,735,680 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_ff.dll
MOD - [2011.02.02 00:40:02 | 000,340,992 | ---- | M] () -- C:\Programs\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2011.02.02 00:39:56 | 000,053,248 | ---- | M] () -- C:\Programs\Winamp\nsutil.dll
MOD - [2011.02.02 00:39:55 | 000,075,776 | ---- | M] () -- C:\Programs\Winamp\nde.dll
MOD - [2011.02.02 00:39:54 | 000,252,928 | ---- | M] () -- C:\Programs\Winamp\libsndfile.dll
MOD - [2006.03.12 15:06:14 | 000,025,088 | ---- | M] () -- C:\Programs\Winamp\Plugins\gen_tips.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.12.05 23:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.08.07 17:20:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.07.22 17:35:02 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\programs\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011.03.21 14:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.07.01 05:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.08.20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.08.20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.05.10 10:07:32 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.20 14:39:29 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.12.20 14:37:03 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.04 16:29:54 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.08.17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.06.24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 02:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011.02.15 17:41:07 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.02.15 17:41:06 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.02.01 23:30:05 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010.11.25 07:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.19 11:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 11:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.05.24 14:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008.08.28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.01.16 11:09:34 | 000,016,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GF0268.sys -- (GF0268)
DRV:64bit: - [2006.08.25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.07.01 05:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2009.11.12 16:16:10 | 000,012,672 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GF0268.sys -- (GF0268)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\programs\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\programs\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: C:\Programs\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bělis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bělis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bělis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.07 17:20:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Bělis\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2012.07.19 18:34:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.07 17:20:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.06.20 20:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bělis\AppData\Roaming\Mozilla\Extensions
[2013.06.17 16:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bělis\AppData\Roaming\Mozilla\Firefox\Profiles\7xmqw4co.default\extensions
[2013.08.07 17:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.08.07 17:20:25 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.08.07 17:20:03 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.08.07 17:20:03 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.08.07 17:20:03 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.08.07 17:20:03 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.08.07 17:20:03 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Sticky Password (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\5.0.4.232\npSPAutofill.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\programs\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\programs\MICROS~1\Office14\NPSPWRAP.DLL
CHR - Extension: YouTube = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: History 2 = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp\0.6.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: History Button = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh\1.0.1_0\
CHR - Extension: AdBlock = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: Porsche = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Sticky Password Autofill Engine = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\5.0.8.254\
CHR - Extension: Gmail = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012.04.15 17:32:12 | 000,001,016 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 game.maniaplanet.com # Maniatrack
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programs\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programs\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [BCSSync] C:\programs\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [StickyPassword] C:\Programs\Sticky Password\stpass.exe (Lamantine Software a.s.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp – zástupce.lnk = C:\Programs\Process Explorer\procexp.exe (Sysinternals - http://www.sysinternals.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programs\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programs\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28E8DBC0-D7E8-4E3C-A017-B6E44C4F13C7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D56B3F8-F221-4B6B-8258-C9CF8FF55E15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAMS\PROCESS EXPLORER\PROCEXP.EXE (Sysinternals - http://www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAMS\PROCESS EXPLORER\PROCEXP.EXE (Sysinternals - http://www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programs\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.08.05 09:15:36 | 000,000,107 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell\AutoRun\command - "" = E:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe
O33 - MountPoints2\{76c1c10d-2b07-11e1-8669-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{76c1c10d-2b07-11e1-8669-000a3a83b02a}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{a833deb2-b220-11e0-ae21-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a833deb2-b220-11e0-ae21-806e6f6e6963}\Shell\AutoRun\command - "" = O:\unlock.exe autoplay=true
O33 - MountPoints2\{e133d5e2-4733-11e1-b4bd-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{e133d5e2-4733-11e1-b4bd-000a3a83b02a}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.09.04 20:36:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
[2013.08.31 15:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
[2013.08.31 15:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.08.31 15:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.08.31 15:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.08.31 15:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.08.31 15:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.08.31 15:01:35 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.08.31 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\Bělis\Desktop\SD card
[2013.08.27 20:29:32 | 000,000,000 | R--D | C] -- C:\Users\Bělis\Dropbox
[2013.08.27 20:26:25 | 000,000,000 | ---D | C] -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.08.27 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Bělis\AppData\Roaming\Dropbox
[2013.08.26 19:13:23 | 000,000,000 | ---D | C] -- C:\Users\Bělis\Desktop\Camera - Tomáš S3
[2013.08.20 07:02:12 | 000,204,568 | ---- | C] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.08.20 07:02:12 | 000,103,576 | ---- | C] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.08.18 15:00:40 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.18 15:00:40 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.08.18 15:00:35 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.08.18 15:00:35 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.08.18 15:00:34 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.08.18 15:00:24 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.08.18 15:00:23 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.08.18 15:00:22 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.08.18 15:00:22 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.08.18 15:00:21 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.18 15:00:20 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.18 15:00:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.08.18 15:00:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.08.18 15:00:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.08.18 15:00:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.08.18 15:00:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.08.07 17:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.04.10 23:05:04 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Bělis\AppData\Roaming\pcouffin.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.04 21:19:49 | 000,022,844 | ---- | M] () -- C:\Users\Bělis\Desktop\report.jpg
[2013.09.04 21:11:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.04 20:58:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001UA.job
[2013.09.04 20:48:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.04 20:40:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.04 20:36:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
[2013.09.04 20:04:03 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.04 20:04:03 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.04 20:02:41 | 001,470,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.04 20:02:41 | 000,631,276 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.04 20:02:41 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.04 20:02:41 | 000,121,930 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.04 20:02:41 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.04 19:58:30 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.04 19:58:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001Core.job
[2013.09.04 19:56:42 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.09.04 19:56:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.04 19:56:31 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.03 19:58:54 | 000,070,112 | ---- | M] () -- C:\Users\Bělis\Documents\cc_20130903_195850.reg
[2013.09.01 09:19:33 | 000,416,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.08.28 20:43:24 | 000,114,960 | ---- | M] () -- C:\Users\Bělis\Desktop\Dejvice.JPG
[2013.08.28 20:39:39 | 000,159,024 | ---- | M] () -- C:\Users\Bělis\Desktop\Hanspaulka2.JPG
[2013.08.28 20:37:37 | 000,079,634 | ---- | M] () -- C:\Users\Bělis\Desktop\Hanspaulka1.JPG
[2013.08.27 20:26:57 | 000,001,049 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.08.20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.08.20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.04 21:18:49 | 000,022,844 | ---- | C] () -- C:\Users\Bělis\Desktop\report.jpg
[2013.09.04 20:40:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.03 19:58:52 | 000,070,112 | ---- | C] () -- C:\Users\Bělis\Documents\cc_20130903_195850.reg
[2013.08.31 16:02:02 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.08.31 15:01:35 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.08.31 15:01:35 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.08.28 20:43:24 | 000,114,960 | ---- | C] () -- C:\Users\Bělis\Desktop\Dejvice.JPG
[2013.08.28 20:39:39 | 000,159,024 | ---- | C] () -- C:\Users\Bělis\Desktop\Hanspaulka2.JPG
[2013.08.28 20:37:37 | 000,079,634 | ---- | C] () -- C:\Users\Bělis\Desktop\Hanspaulka1.JPG
[2013.08.27 20:26:57 | 000,001,049 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.04.16 12:15:07 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.02.25 20:58:14 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.01.14 19:27:48 | 000,046,971 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.22 18:23:01 | 000,004,561 | ---- | C] () -- C:\Users\Bělis\.recently-used.xbel
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.10 23:05:27 | 000,001,057 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\vso_ts_preview.xml
[2011.04.10 23:05:04 | 000,099,384 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\inst.exe
[2011.04.10 23:05:04 | 000,007,859 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\pcouffin.cat
[2011.04.10 23:05:04 | 000,001,167 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\pcouffin.inf
[2011.02.16 23:28:59 | 000,000,644 | RHS- | C] () -- C:\Users\Bělis\ntuser.pol
[2011.02.11 00:11:25 | 000,009,216 | ---- | C] () -- C:\Users\Bělis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.03 00:42:00 | 000,038,417 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2011.02.03 00:40:26 | 000,009,295 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
[2011.02.03 00:23:22 | 000,004,096 | -H-- | C] () -- C:\Users\Bělis\AppData\Local\keyfile3.drm

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.04.07 14:30:19 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Atari
[2012.03.12 20:49:21 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Audacity
[2011.11.29 09:21:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Lite
[2013.09.03 19:58:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Pro
[2013.02.21 19:05:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Darq Software
[2013.09.04 19:58:55 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Dropbox
[2012.10.30 22:04:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\FileZilla
[2012.06.10 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\GHISLER
[2011.09.27 16:04:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\gtk-2.0
[2013.08.04 17:39:38 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\IrfanView
[2011.08.28 16:07:01 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Lamantine
[2011.08.29 10:46:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Mp3tag
[2011.02.15 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia
[2011.02.15 21:04:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia Ovi Suite
[2011.02.01 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Opera
[2012.08.06 17:38:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Orbit
[2011.02.11 00:07:24 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\PC Suite
[2012.08.06 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\ProgSense
[2013.02.24 13:07:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\QIP
[2012.04.24 09:36:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Rovio
[2011.05.23 21:58:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Samsung
[2013.09.01 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TeamViewer
[2011.09.27 16:51:48 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\The Creative Assembly
[2011.11.27 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TrueCrypt
[2011.02.02 10:10:59 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TuneUp Software
[2013.06.29 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Unity
[2013.09.03 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\uTorrent
[2011.02.02 09:57:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\VitySoft
[2013.06.09 17:26:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Vso
[2012.02.01 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\WB Games
[2013.07.08 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\YoudaGames
[2011.12.21 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\DAEMON Tools Pro
[2011.05.24 18:19:35 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\PC Suite
[2012.10.12 14:49:31 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\TeamViewer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML:OECustomProperty

< End of report >

Re: Prosím o kontrolu

Napsal: 04 zář 2013 21:00
od R1dd14k
log Extras:

OTL Extras logfile created on: 4.9.2013 21:26:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bělis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,12 Gb Available Physical Memory | 63,98% Memory free
16,00 Gb Paging File | 12,79 Gb Available in Paging File | 79,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 153,98 Gb Free Space | 33,07% Space Free | Partition Type: NTFS
Drive J: | 465,75 Gb Total Space | 269,32 Gb Free Space | 57,82% Space Free | Partition Type: NTFS

Computer Name: BĚLIS-PC | User Name: Bělis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.PJKOXWZPOM2YDYQMYGOO7ZPXII] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [DirList] -- C:\Program Files (x86)\DirLister\DirLister.exe "%1" (DukeLupus)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "C:\Program Files (x86)\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Programs\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programs\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programs\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [DirList] -- C:\Program Files (x86)\DirLister\DirLister.exe "%1" (DukeLupus)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "C:\Program Files (x86)\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Programs\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programs\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programs\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C513F34-EAE0-43F0-B93E-0218EB4D98F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17FD6F3C-C577-4D14-9E82-F358A1F2FBA5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21655DE5-76D7-41C2-B964-6D27298F0F5A}" = rport=137 | protocol=17 | dir=out | app=system |
"{22A82A0E-9AD7-4043-8DB3-3284B9123790}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C21E509-E4D8-41B7-A5F9-B29763A24D05}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41F0947F-C5D9-435C-8BC8-D6313672E60B}" = rport=445 | protocol=6 | dir=out | app=system |
"{43BB4DF9-809E-485E-978F-3BEF2D439372}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5ACE1903-BAD4-4771-B3CC-7D4BDA0F144A}" = lport=6004 | protocol=17 | dir=in | app=c:\programs\microsoft office\office14\outlook.exe |
"{6398A050-555B-4B96-9943-F4E82016E2BB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{646B631B-3639-468B-88E7-122FDC105BEE}" = lport=445 | protocol=6 | dir=in | app=system |
"{743C0299-1717-48A1-AF5D-0F019E457266}" = lport=138 | protocol=17 | dir=in | app=system |
"{8058260F-F4DD-402F-984E-01805D3D6AA2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{962982A2-92F1-4940-8654-8DF546F62AE2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ACB4C568-C003-480E-9574-81B4A8F3D981}" = rport=139 | protocol=6 | dir=out | app=system |
"{B31866D8-649F-4A51-96EF-301F949A5ECD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B42BA943-7528-4812-9CD6-49434DAB2AB3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B49A4A66-F2F1-46D1-9162-6CFD93F8120B}" = lport=139 | protocol=6 | dir=in | app=system |
"{BAFC6C43-CC00-4DBB-B224-123290CCC7A2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BEAF37FB-55EB-45D0-A544-9C75FEA56A72}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C52B6023-214A-4B83-B7DC-AE9BF55AADEA}" = rport=138 | protocol=17 | dir=out | app=system |
"{DCC07268-66B5-4735-A9EB-FFA0E38D8DC8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4C900CF-CCF7-4253-8F21-B31CF02E36A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE97CD7D-7F4B-485E-BFB7-27F18AFA3CCE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF1D2DCA-13AA-45AE-9106-A7B7FF1A0763}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D79D3F-F422-4D09-AC19-2EBB6F3F8474}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0283B6BA-4BCD-473E-935C-F165FD102AD9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{05022CE5-EA18-4C09-B598-F66EDCF6C4A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0B5938B7-69E6-4DC8-9D9E-06BDFA56FEEA}" = protocol=6 | dir=out | app=system |
"{0B774129-099E-47EE-AD4F-2E451DCA3591}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1007C0F2-A4F9-4A58-9828-84D8BF350E90}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{1888AD9D-7E20-4620-AF75-52BF15F3225F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1A42A28D-D476-447F-AB89-818ED6B1D304}" = protocol=17 | dir=in | app=c:\games\need for speed(tm) hot pursuit\launcher.exe |
"{237C5030-6CE3-45D5-858C-9DA38C2CFDC6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{24ADAE58-95D9-4DB5-86C1-1B7F6CE6162F}" = protocol=6 | dir=in | app=c:\games\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{2771AEA3-B2AC-4F54-827F-6408E087209D}" = protocol=17 | dir=in | app=c:\games\flatout ultimate carnage\fouc.exe |
"{295D7DEE-DDCF-4CB2-89CB-F475E8DE0D84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A78FB44-FC0F-4E9B-BC61-F35D368B1BE4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2C656CFF-4C87-4294-B66C-A07103607868}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2FE75BEE-C245-4D1B-8CA1-706F30C9487A}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{32B0BCEE-B481-4F36-8E00-ECBFB7B064E1}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\vlc setup helper.exe |
"{38C929FD-787E-45C8-AE34-73AF09B52CA3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{396FA7CD-BB04-47DA-968D-71A182A35944}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{3E65D63B-83D5-46B2-AD3E-EA6627592384}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{42A30258-4E24-452F-9E97-AE8A2E5CFD95}" = dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{4A3720E3-426F-4E2D-860A-9AFBB10B439F}" = protocol=6 | dir=in | app=c:\games\need for speed(tm) hot pursuit\launcher.exe |
"{4B58C6FF-CEC6-48D8-B67D-32B09E9C616B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{4C060FC5-C4B2-4ECD-BD8A-DB06E4BA6D43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C9242A9-C90B-4BB1-A807-338CFCB1750A}" = protocol=6 | dir=in | app=c:\games\rockstar games\rockstar games social club\rgsclauncher.exe |
"{5281F251-506B-48E4-A13A-CC22A0B01398}" = protocol=17 | dir=in | app=c:\games\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{5F7FD6E7-143D-4900-8D21-C80BB576EF17}" = protocol=17 | dir=in | app=c:\games\rockstar games\rockstar games social club\rgsclauncher.exe |
"{66FCB3AC-3E1C-496E-A81E-E2045DFE1496}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6C6C1F6F-5F3A-4A02-AFE6-D2C7BF0066F1}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{77CB975C-4674-4FFC-825F-31308D85CB15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7858BD79-FD85-4D62-82F9-56FF0FD4BB71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C4D422D-08AF-477F-8B9F-671F1192ABAF}" = protocol=6 | dir=in | app=c:\games\flatout ultimate carnage\fouc.exe |
"{80DFA041-BED0-4731-82C9-900E35D03613}" = protocol=17 | dir=in | app=c:\games\prototype\prototypef.exe |
"{820CB213-EE3D-4F66-AA5D-B329F3279D1A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8401C9AC-1273-42A5-9D8E-CB67D0359BFE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{8E4F5FEB-2599-4EF4-8ACF-EE998469E969}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{910F8DE3-60DF-4E3F-B492-6F075716C7DE}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{927BF082-DA86-49F7-BB9D-50E7424412D1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{944A8AC2-3A4F-43B9-A016-217698915252}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{95B9C9F6-9064-43E9-AA5F-D5A240EBEC8F}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{9C027D58-3ADA-476F-A999-9ADA25407966}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9EFEF4AE-E423-4E1F-91B9-925673BE495B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FB9D7F0-C82A-4AA0-964A-350B27B076D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A8EEF1C6-4B77-4ABC-9267-53EF2C23C990}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAF88D99-1499-43EA-90B0-FB4839794343}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B07B1A39-DB99-4446-AAA0-D36ECB88E132}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0B11BC1-C1D1-4A1A-8F7D-D633BB2992F9}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{B2942E60-06AF-42EF-B8C2-D3144E6C7F46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B42F7050-F80A-401C-9399-54FD9B17853E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C3338D91-139C-415D-989E-8F1D60CD3E18}" = protocol=6 | dir=in | app=c:\users\bělis\appdata\roaming\dropbox\bin\dropbox.exe |
"{C94FF3F0-C754-4D84-8899-C2D8BE212D03}" = protocol=6 | dir=in | app=c:\games\frontlines-fuel of war\binaries\ffow.exe |
"{CBB92AD6-1AC9-48D8-8A06-7C824DFA89BA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CBE1885C-2122-4C92-8E1A-326029AEC138}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{CEB32AE2-2200-46BE-BB6D-DCA899760057}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D244290C-AC20-4FEE-99EF-B8A5101B91BB}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D74798F3-FAFA-42AB-9D37-B54E7D1BEAB1}" = protocol=17 | dir=in | app=c:\users\bělis\appdata\roaming\dropbox\bin\dropbox.exe |
"{DB9FA861-6212-4052-9269-927C9BE36658}" = protocol=6 | dir=in | app=c:\games\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E5BB3679-D720-48E8-8312-22462C60EAFC}" = protocol=6 | dir=in | app=c:\games\prototype\prototypef.exe |
"{EE9AB4DA-08F8-41E9-A2DA-B0A4B088CA10}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{F362BC4C-0275-4895-B200-A18F36638609}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{F45D5F34-5DD1-45FC-9C96-0F8DCDBE64E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F634F31F-FDBD-473D-816A-4C6648F1A107}" = protocol=6 | dir=in | app=c:\programs\microsoft office\office14\groove.exe |
"{F6D07012-7F15-42D1-9043-63FB69FDEA25}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F89EF2E1-DF38-451A-AEF9-0BE902201D35}" = protocol=17 | dir=in | app=c:\games\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{F91B0ECC-2533-44C9-80D7-5A2AFD2AA734}" = protocol=17 | dir=in | app=c:\games\frontlines-fuel of war\binaries\ffow.exe |
"{FA988086-D888-4289-B248-B27B9E9E5D1D}" = protocol=17 | dir=in | app=c:\programs\microsoft office\office14\groove.exe |
"TCP Query User{4CA72A8D-800A-4AAD-97F4-D09E17D4A58D}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"TCP Query User{4FFC7F2C-6D22-4829-B508-087D9F1B41E5}C:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{5965FFE3-0D86-4AB5-8C75-5B439073DCC5}C:\games\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\games\portal 2\portal2.exe |
"TCP Query User{7921B878-0D45-4597-A6C5-541760D30AAB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{8303B83E-FF48-4824-9A7D-ABEB152786DD}C:\games\nail'd\naild_x86.exe" = protocol=6 | dir=in | app=c:\games\nail'd\naild_x86.exe |
"TCP Query User{834AF9C2-C641-4B53-AC0A-E7E6673511ED}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"TCP Query User{8EBB31A7-4F1E-403D-91F3-DF82E8DDD275}C:\games\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\games\need for speed(tm) hot pursuit\nfs11.exe |
"TCP Query User{9E3260AD-509E-4987-8A30-EC3EB1591A0B}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A0151E79-7A4A-4CD9-B540-3FF2A0F3BD36}C:\games\batman arkham city\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=c:\games\batman arkham city\binaries\win32\batmanac.exe |
"TCP Query User{A996D9E5-8D7D-40C8-B7A5-8DE6411C3E29}C:\games\baboviolent 2\bv2.exe" = protocol=6 | dir=in | app=c:\games\baboviolent 2\bv2.exe |
"TCP Query User{ABEB83F0-0114-4366-8E0D-4C93636E5B14}C:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe |
"TCP Query User{B79B7D1E-24FD-4AC1-BF2E-40B65FCABBFF}C:\games\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=c:\games\shift 2 unleashed\shift2u.exe |
"TCP Query User{C5AF3D0E-62F5-4F24-A7D1-5921A57B6F03}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"TCP Query User{CF36496D-53BF-48B6-A6B8-03E861367F89}C:\games\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\games\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{D113CD3C-D085-4A89-A79F-FF76D4C83F70}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{E8C0DEF5-C97F-4A75-97A6-2C2445E6483F}C:\games\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=c:\games\maniaplanet\maniaplanet.exe |
"TCP Query User{EF7E5304-3945-4C0D-A9AE-DF856BE67A29}C:\games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"TCP Query User{FF19A5B3-1A50-4CFB-BD0C-F45A863B598D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{00CABC9C-52B9-4AD1-80BF-D88D67D267EA}C:\games\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=c:\games\maniaplanet\maniaplanet.exe |
"UDP Query User{06BA0BBF-D08C-4F0B-A619-8FD7C23BFD0C}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{22071352-017D-4777-8443-2E8C044C742B}C:\games\nail'd\naild_x86.exe" = protocol=17 | dir=in | app=c:\games\nail'd\naild_x86.exe |
"UDP Query User{37A39D23-E93C-48D2-92D6-C0476F105C13}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{3A4FAC05-E1C2-493C-976A-45A29F690343}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{416152AF-93FA-4AFD-90C0-ED8DCB4E130C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{44F14996-792D-42F7-BDFD-4A1F372E3430}C:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe |
"UDP Query User{51E8CCE4-42EA-4104-A243-3FAAF5C3EF44}C:\games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"UDP Query User{69E64A09-C7DB-4BBD-8E20-9FD908666AF5}C:\games\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\games\portal 2\portal2.exe |
"UDP Query User{9F8B7390-6838-4332-882A-D4BC81B2054E}C:\games\batman arkham city\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=c:\games\batman arkham city\binaries\win32\batmanac.exe |
"UDP Query User{B360FAD6-EF79-4AA0-8751-AA0DA8A9FE53}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"UDP Query User{B65A6050-9145-46CC-BECF-743CF16778EE}C:\games\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\games\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{B715600B-18F2-4089-AA8C-2448A8206A6B}C:\games\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\games\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{B7E58947-D7FC-4718-8DE9-A7C472812178}C:\games\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\games\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{B8B42540-36C3-446B-872A-ACE009DEDDA8}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{D4F6ED60-50E7-440C-A7F5-8EA1E25041AB}C:\games\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=c:\games\shift 2 unleashed\shift2u.exe |
"UDP Query User{D9F78924-C16B-4F08-9AC8-3EE987755A2D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{FEAD7B23-BE51-4A7D-8FCA-2B79841A0AF2}C:\games\baboviolent 2\bv2.exe" = protocol=17 | dir=in | app=c:\games\baboviolent 2\bv2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{2B78AE89-E8D1-4B88-A74A-F59D2331C5AA}" = Základní software zařízení HP Deskjet 3050 J610 series
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABE286AE-C65D-B7DE-C8D1-DF79584169B4}" = AMD Fuel
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{EE269999-1AB7-7B39-7944-513CF3426CB8}" = AMD Drag and Drop Transcoding
"{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"DAEMON Tools Pro_is1" = DAEMON Tools Pro 4.41.0315.0262
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.6.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Recuva" = Recuva
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional
"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian
"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12C85315-0989-4C28-8956-33458F464DD6}" = The Chronicles of Riddick - Assault on Dark Athena
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish
"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D5EB783-25F8-495B-8B01-DE6D1BFBB8B4}" = VideoCam Suite 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish
"{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd
"{2C8F53E8-3452-4649-BFE0-839FD99AEFD6}_is1" = ManiaPlanet verze 2011
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish
"{43430FA0-4A2E-404A-B715-951000018101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish
"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}" = PC Connectivity Solution
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C5A944F-096E-4ADD-B8E8-887F18BA6228}" = LEGO® Harry Potter™: Years 5-7
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish
"{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive
"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard
"{6972FD5E-01D0-4742-8EB0-A0D351CF28FF}" = Governor of Poker
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7337268E-47CC-469B-BBB3-353CE7107580}" = HD Writer LE 1.1
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.0.18
"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter a ohnivý pohár™
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech
"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish
"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean
"{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = AMD VISION Engine Control Center
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek
"{D883EE9E-CC54-48F7-ABC0-50ADB60CDE0B}" = PS3_USB_GAMEPAD
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian
"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch
"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Nápověda
"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Able2Doc Professional v4.0" = Able2Doc Professional v4.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Angry Birds HD PC Collection of 2012 Full" = Angry Birds HD PC Collection of 2012 Full
"Arcade Lines_is1" = Arcade Lines 1.81
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)
"BaboViolent 2_is1" = BaboViolent 2.11
"bwin Poker JPC_is1" = bwin Poker JPC 1.0.0
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Pro" = DAEMON Tools Pro
"DirLister" = DirLister 1.0
"DVD Shrink_is1" = DVD Shrink 3.2
"FileZilla Client" = FileZilla Client 3.5.3
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Chicken Invaders 3_is1" = Chicken Invaders 3
"Chicken Invaders 4 - Ultimate Omelette - Easter Editionv4.13" = Chicken Invaders 4 - Ultimate Omelette - Easter Edition
"Chicken Invaders: Revenge of the Yolk (Christmas Edition)_is1" = Chicken Invaders: Revenge of the Yolk (Christmas Edition) v3.20
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"IrfanView" = IrfanView (remove only)
"KeyWallet" = KeyWallet
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Landi2000" = Landi 2000
"Machinarium" = Machinarium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.45a
"Nero8Lite_is1" = Nero 8 Lite
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"PokerStars" = PokerStars
"Postal 2_is1" = Portal 2
"SpeedFan" = SpeedFan (remove only)
"Sticky Password_is1" = Sticky Password 5.0.8.254
"TeamViewer 8" = TeamViewer 8
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VLC media player" = VLC media player 2.0.8
"VLC Setup Helper_is1" = VLC Setup Helper
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.4.7
"Worms Reloaded_is1" = Worms Reloaded

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"QIP 2012" = QIP 2012 4.0.9318
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = ESENT | ID = 455
Description = Windows (2408) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS006AE.log
došlo k chybě -1811.

Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 4.9.2013 2:24:07 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 4.9.2013 2:24:08 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 4.9.2013 2:24:08 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 4.9.2013 2:24:08 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 4.9.2013 2:24:08 | Computer Name = Bělis-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 31.8.2013 9:01:50 | Computer Name = Bělis-PC | Source = Service Control Manager | ID = 7000
Description = Služba FsUsbExDisk neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 31.8.2013 9:01:54 | Computer Name = Bělis-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.

Error - 31.8.2013 9:01:54 | Computer Name = Bělis-PC | Source = Service Control Manager | ID = 7000
Description = Služba FsUsbExDisk neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 31.8.2013 12:03:42 | Computer Name = Bělis-PC | Source = bowser | ID = 8003
Description =

Error - 2.9.2013 2:34:20 | Computer Name = Bělis-PC | Source = DCOM | ID = 10010
Description =

Error - 2.9.2013 13:21:06 | Computer Name = Bělis-PC | Source = bowser | ID = 8003
Description =

Error - 4.9.2013 2:24:08 | Computer Name = Bělis-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 4.9.2013 2:24:10 | Computer Name = Bělis-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 4.9.2013 2:24:40 | Computer Name = Bělis-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 4.9.2013 15:06:38 | Computer Name = Bělis-PC | Source = bowser | ID = 8003
Description =


< End of report >

Re: Prosím o kontrolu

Napsal: 05 zář 2013 05:20
od Márty84
Ten prvni log neni cely. Zkopiroval jste tam ten text? Zkuste to znovu.

Re: Prosím o kontrolu

Napsal: 05 zář 2013 09:10
od R1dd14k
Text sem nevložil, protože mi to vyhodilo chybu, jak sem psal výše.Dnes jsem to zkusil znovu i s textem a vyhodilo mi to akorát OTL log.

OTL logfile created on: 5.9.2013 9:40:38 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bělis\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 71,73% Memory free
16,00 Gb Paging File | 13,42 Gb Available in Paging File | 83,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 153,82 Gb Free Space | 33,03% Space Free | Partition Type: NTFS
Drive J: | 465,75 Gb Total Space | 269,32 Gb Free Space | 57,82% Space Free | Partition Type: NTFS

Computer Name: BĚLIS-PC | User Name: Bělis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.04 20:36:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
PRC - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.08.07 11:42:29 | 011,737,952 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.08.07 11:28:08 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.07.26 14:43:52 | 000,844,656 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.07.26 14:43:44 | 001,564,016 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.06.05 19:28:40 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.07.11 10:38:24 | 002,905,464 | ---- | M] (Lamantine Software a.s.) -- C:\Programs\Sticky Password\stpass.exe
PRC - [2011.08.17 09:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
PRC - [2011.08.17 09:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010.11.17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.02.03 11:32:28 | 003,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Programs\Process Explorer\procexp.exe
PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe


========== Modules (No Company Name) ==========

MOD - [2013.08.24 19:49:53 | 000,410,576 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MOD - [2013.08.24 19:49:51 | 004,053,456 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013.08.24 19:49:01 | 000,709,584 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MOD - [2013.08.24 19:49:00 | 000,099,792 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\libegl.dll
MOD - [2013.08.24 19:48:58 | 001,604,560 | ---- | M] () -- C:\Users\Bělis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2013.08.18 16:37:55 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013.08.18 15:51:42 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013.08.18 15:08:43 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll
MOD - [2013.08.18 15:08:31 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll
MOD - [2013.08.18 15:08:25 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
MOD - [2013.08.18 15:08:22 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013.08.18 15:08:21 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll
MOD - [2013.08.18 15:08:20 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013.08.18 15:08:19 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013.07.11 14:42:56 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013.04.04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.12.05 23:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.08.07 17:20:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.07.22 17:35:02 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programs\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\programs\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011.03.21 14:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.07.01 05:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Pclepci.sys -- (PCLEPCI)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.08.20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.08.20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.05.10 10:07:32 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.20 14:39:29 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.12.20 14:37:03 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.04 16:29:54 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.08.17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.06.24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 02:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011.02.15 17:41:07 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.02.15 17:41:06 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.02.01 23:30:05 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010.11.25 07:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.19 11:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 11:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.05.24 14:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008.08.28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.01.16 11:09:34 | 000,016,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GF0268.sys -- (GF0268)
DRV:64bit: - [2006.08.25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.07.01 05:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2009.11.12 16:16:10 | 000,012,672 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GF0268.sys -- (GF0268)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\programs\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\programs\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: C:\Programs\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bělis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bělis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bělis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.07 17:20:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Bělis\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2012.07.19 18:34:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.07 17:20:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.06.20 20:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bělis\AppData\Roaming\Mozilla\Extensions
[2013.06.17 16:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bělis\AppData\Roaming\Mozilla\Firefox\Profiles\7xmqw4co.default\extensions
[2013.08.07 17:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.08.07 17:20:25 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.08.07 17:20:03 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.08.07 17:20:03 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.08.07 17:20:03 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.08.07 17:20:03 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.08.07 17:20:03 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\Application\29.0.1547.62\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Sticky Password (Enabled) = C:\Users\B\u011Blis\AppData\Local\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\5.0.4.232\npSPAutofill.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\programs\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\programs\MICROS~1\Office14\NPSPWRAP.DLL
CHR - Extension: YouTube = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: History 2 = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp\0.6.0_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: History Button = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh\1.0.1_0\
CHR - Extension: AdBlock = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: Porsche = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Sticky Password Autofill Engine = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\offlaklpbgccmeobfnimdjapgolbfhad\5.0.8.254\
CHR - Extension: Gmail = C:\Users\Bělis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012.04.15 17:32:12 | 000,001,016 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com # Maniatrack
O1 - Hosts: 127.0.0.1 game.maniaplanet.com # Maniatrack
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programs\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programs\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [BCSSync] C:\programs\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001..\Run: [StickyPassword] C:\Programs\Sticky Password\stpass.exe (Lamantine Software a.s.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp – zástupce.lnk = C:\Programs\Process Explorer\procexp.exe (Sysinternals - www.sysinternals.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1008635744-1587250215-2986164351-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programs\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programs\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28E8DBC0-D7E8-4E3C-A017-B6E44C4F13C7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D56B3F8-F221-4B6B-8258-C9CF8FF55E15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAMS\PROCESS EXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\PROGRAMS\PROCESS EXPLORER\PROCEXP.EXE (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programs\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.08.05 09:15:36 | 000,000,107 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell\AutoRun\command - "" = E:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{2e738d71-c1ef-11e0-8908-000a3a83b02a}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe
O33 - MountPoints2\{76c1c10d-2b07-11e1-8669-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{76c1c10d-2b07-11e1-8669-000a3a83b02a}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{a833deb2-b220-11e0-ae21-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a833deb2-b220-11e0-ae21-806e6f6e6963}\Shell\AutoRun\command - "" = O:\unlock.exe autoplay=true
O33 - MountPoints2\{e133d5e2-4733-11e1-b4bd-000a3a83b02a}\Shell - "" = AutoRun
O33 - MountPoints2\{e133d5e2-4733-11e1-b4bd-000a3a83b02a}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.04 20:36:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
[2013.08.31 15:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
[2013.08.31 15:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.08.31 15:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.08.31 15:07:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.08.31 15:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.08.31 15:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.08.31 15:01:35 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.08.31 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\Bělis\Desktop\SD card
[2013.08.27 20:29:32 | 000,000,000 | R--D | C] -- C:\Users\Bělis\Dropbox
[2013.08.27 20:26:25 | 000,000,000 | ---D | C] -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.08.27 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Bělis\AppData\Roaming\Dropbox
[2013.08.26 19:13:23 | 000,000,000 | ---D | C] -- C:\Users\Bělis\Desktop\Camera - Tomáš S3
[2013.08.20 07:02:12 | 000,204,568 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.08.20 07:02:12 | 000,103,576 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.08.18 15:00:40 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.18 15:00:40 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.08.18 15:00:35 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.08.18 15:00:35 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.08.18 15:00:34 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.08.18 15:00:24 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.08.18 15:00:23 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.08.18 15:00:22 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.08.18 15:00:22 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.08.18 15:00:21 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.18 15:00:20 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.18 15:00:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.08.18 15:00:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.08.18 15:00:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.08.18 15:00:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.08.18 15:00:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.08.07 17:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.04.10 23:05:04 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Bělis\AppData\Roaming\pcouffin.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.05 09:42:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.05 09:34:25 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.05 09:28:58 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.05 09:28:58 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.05 09:25:54 | 001,470,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.05 09:25:54 | 000,631,276 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.05 09:25:54 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.05 09:25:54 | 000,121,930 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.05 09:25:54 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.05 09:21:42 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.09.05 09:21:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.05 09:21:29 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.04 21:58:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001UA.job
[2013.09.04 21:48:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.04 21:11:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.04 20:36:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bělis\Desktop\OTL.exe
[2013.09.04 19:58:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001Core.job
[2013.09.03 19:58:54 | 000,070,112 | ---- | M] () -- C:\Users\Bělis\Documents\cc_20130903_195850.reg
[2013.09.01 09:19:33 | 000,416,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.08.28 20:43:24 | 000,114,960 | ---- | M] () -- C:\Users\Bělis\Desktop\Dejvice.JPG
[2013.08.28 20:39:39 | 000,159,024 | ---- | M] () -- C:\Users\Bělis\Desktop\Hanspaulka2.JPG
[2013.08.28 20:37:37 | 000,079,634 | ---- | M] () -- C:\Users\Bělis\Desktop\Hanspaulka1.JPG
[2013.08.27 20:26:57 | 000,001,049 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.08.20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013.08.20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.04 20:40:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.03 19:58:52 | 000,070,112 | ---- | C] () -- C:\Users\Bělis\Documents\cc_20130903_195850.reg
[2013.08.31 16:02:02 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.08.31 15:01:35 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.08.31 15:01:35 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.08.28 20:43:24 | 000,114,960 | ---- | C] () -- C:\Users\Bělis\Desktop\Dejvice.JPG
[2013.08.28 20:39:39 | 000,159,024 | ---- | C] () -- C:\Users\Bělis\Desktop\Hanspaulka2.JPG
[2013.08.28 20:37:37 | 000,079,634 | ---- | C] () -- C:\Users\Bělis\Desktop\Hanspaulka1.JPG
[2013.08.27 20:26:57 | 000,001,049 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.04.16 12:15:07 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.02.25 20:58:14 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.01.14 19:27:48 | 000,046,971 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.22 18:23:01 | 000,004,561 | ---- | C] () -- C:\Users\Bělis\.recently-used.xbel
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.10 23:05:27 | 000,001,057 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\vso_ts_preview.xml
[2011.04.10 23:05:04 | 000,099,384 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\inst.exe
[2011.04.10 23:05:04 | 000,007,859 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\pcouffin.cat
[2011.04.10 23:05:04 | 000,001,167 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\pcouffin.inf
[2011.02.16 23:28:59 | 000,000,644 | RHS- | C] () -- C:\Users\Bělis\ntuser.pol
[2011.02.11 00:11:25 | 000,009,216 | ---- | C] () -- C:\Users\Bělis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.03 00:42:00 | 000,038,417 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2011.02.03 00:40:26 | 000,009,295 | ---- | C] () -- C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
[2011.02.03 00:23:22 | 000,004,096 | -H-- | C] () -- C:\Users\Bělis\AppData\Local\keyfile3.drm

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.04.07 14:30:19 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Atari
[2012.03.12 20:49:21 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Audacity
[2011.11.29 09:21:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Lite
[2013.09.03 19:58:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Pro
[2013.02.21 19:05:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Darq Software
[2013.09.05 09:34:30 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Dropbox
[2012.10.30 22:04:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\FileZilla
[2012.06.10 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\GHISLER
[2011.09.27 16:04:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\gtk-2.0
[2013.08.04 17:39:38 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\IrfanView
[2011.08.28 16:07:01 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Lamantine
[2011.08.29 10:46:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Mp3tag
[2011.02.15 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia
[2011.02.15 21:04:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia Ovi Suite
[2011.02.01 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Opera
[2012.08.06 17:38:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Orbit
[2011.02.11 00:07:24 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\PC Suite
[2012.08.06 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\ProgSense
[2013.02.24 13:07:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\QIP
[2012.04.24 09:36:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Rovio
[2011.05.23 21:58:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Samsung
[2013.09.01 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TeamViewer
[2011.09.27 16:51:48 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\The Creative Assembly
[2011.11.27 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TrueCrypt
[2011.02.02 10:10:59 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TuneUp Software
[2013.06.29 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Unity
[2013.09.03 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\uTorrent
[2011.02.02 09:57:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\VitySoft
[2013.06.09 17:26:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Vso
[2012.02.01 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\WB Games
[2013.07.08 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\YoudaGames
[2011.12.21 12:59:59 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\DAEMON Tools Pro
[2011.05.24 18:19:35 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\PC Suite
[2012.10.12 14:49:31 | 000,000,000 | ---D | M] -- C:\Users\Games\AppData\Roaming\TeamViewer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,532 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.01 14:13:46 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001Core.job
[2011.04.01 14:13:47 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1008635744-1587250215-2986164351-1001UA.job
[2011.06.07 12:19:58 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.06.07 12:19:59 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.02.12 23:06:44 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2013.02.08 19:13:12 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2009.12.26 20:41:36 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=7D9B6B1537EA2ADB5E4835A2BD6676EE -- C:\Program Files (x86)\Panasonic\VideoCam Suite 3.0\Core\EventLog\EventLog.dll
[2009.12.26 20:41:36 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=7D9B6B1537EA2ADB5E4835A2BD6676EE -- C:\Program Files (x86)\Panasonic\VideoCam Suite 3.0\Core\Spec\AVCHD\BDCore\EventLog.dll
[2011.11.12 18:25:44 | 000,036,352 | ---- | M] (Panasonic Corporation) MD5=9DA8C0E6C04BBE9DB3A057148CDB5B07 -- C:\Program Files (x86)\Panasonic\HD Writer LE 1.1\Core\EventLog\EventLog.dll
[2011.11.12 18:25:44 | 000,036,352 | ---- | M] (Panasonic Corporation) MD5=9DA8C0E6C04BBE9DB3A057148CDB5B07 -- C:\Program Files (x86)\Panasonic\HD Writer LE 1.1\Core\Spec\AVCHD\BDCore\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

Re: Prosím o kontrolu

Napsal: 05 zář 2013 09:11
od R1dd14k
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys


< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Programs\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Programs\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[17 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.03 00:57:06 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Adobe
[2011.04.07 14:30:19 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Atari
[2011.02.01 15:59:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\ATI
[2012.03.12 20:49:21 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Audacity
[2011.11.29 09:21:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Lite
[2013.09.03 19:58:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\DAEMON Tools Pro
[2013.02.21 19:05:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Darq Software
[2013.09.05 09:34:30 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Dropbox
[2013.01.09 20:29:00 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\dvdcss
[2012.10.30 22:04:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\FileZilla
[2012.06.10 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\GHISLER
[2011.09.27 16:04:18 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\gtk-2.0
[2011.11.21 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\HpUpdate
[2011.02.01 15:51:54 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Identities
[2011.02.09 15:59:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\InstallShield
[2013.08.04 17:39:38 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\IrfanView
[2011.08.28 16:07:01 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Lamantine
[2011.02.01 15:55:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Macromedia
[2011.12.06 19:41:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Media Center Programs
[2013.06.09 17:26:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Media Player Classic
[2012.04.02 20:14:52 | 000,000,000 | --SD | M] -- C:\Users\Bělis\AppData\Roaming\Microsoft
[2012.06.20 20:15:53 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Mozilla
[2011.08.29 10:46:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Mp3tag
[2011.02.02 09:44:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nero
[2011.02.15 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia
[2011.02.15 21:04:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Nokia Ovi Suite
[2011.02.01 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Opera
[2012.08.06 17:38:26 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Orbit
[2011.02.11 00:07:24 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\PC Suite
[2012.08.06 17:13:09 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\ProgSense
[2013.02.24 13:07:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\QIP
[2012.04.24 09:36:34 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Rovio
[2011.05.23 21:58:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Samsung
[2012.09.30 23:35:50 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Skype
[2013.09.01 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TeamViewer
[2011.09.27 16:51:48 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\The Creative Assembly
[2011.11.27 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TrueCrypt
[2011.02.02 10:10:59 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\TuneUp Software
[2013.06.29 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Unity
[2013.09.03 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\uTorrent
[2011.02.02 09:57:33 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\VitySoft
[2013.09.04 20:21:35 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\vlc
[2013.06.09 17:26:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Vso
[2012.02.01 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\WB Games
[2013.09.03 22:12:57 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\Winamp
[2011.02.02 10:03:23 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\WinRAR
[2013.07.08 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Bělis\AppData\Roaming\YoudaGames

< %APPDATA%\*.exe /s >
[2013.05.10 10:07:32 | 000,099,384 | ---- | M] () -- C:\Users\Bělis\AppData\Roaming\inst.exe
[2013.06.05 19:28:40 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.06.05 19:28:50 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013.06.05 19:28:42 | 000,919,048 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bělis\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.08.05 12:49:27 | 000,029,926 | R--- | M] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011.11.08 16:07:44 | 000,010,134 | R--- | M] () -- C:\Users\Bělis\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"StickyPassword" = C:\Programs\Sticky Password\stpass.exe -- [2012.07.11 10:38:24 | 002,905,464 | ---- | M] (Lamantine Software a.s.)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"Google Update" = "C:\Users\Bělis\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.04.01 14:13:44 | 000,136,176 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Pro Agent" = "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2011.08.17 09:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd)
"KiesPDLR" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2013.07.26 14:43:52 | 000,844,656 | ---- | M] (Samsung)
"KiesPreload" = C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload -- [2013.07.26 14:43:44 | 001,564,016 | ---- | M] (Samsung)
"" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2013.07.26 14:43:52 | 000,844,656 | ---- | M] (Samsung)
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun -- [2013.08.06 14:38:50 | 008,502,256 | ---- | M] (QIP)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.05 09:42:30 | 000,000,512 | ---- | M] () MD5=C9D7EBE1BBFAC833FC391DC5C0BF8F9C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.02.15 12:51:58 | 000,000,149 | R--- | M] () -- \Games\SHIFT 2 UNLEASHED\GUI\glass_cracks.bspr
[2008.08.23 00:06:04 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2012.07.19 18:29:28 | 000,005,369 | ---- | M] () -- \Programs\FreeRapid-0.92u2\plugins\crackle.frp
[2012.04.23 15:45:58 | 000,011,465 | ---- | M] () -- \Users\Bělis\AppData\Roaming\uTorrent\Angry.Birds.Space.v1.0.0.cracked.THETA.torrent
[2013.08.19 20:53:23 | 000,005,592 | ---- | M] () -- \Users\Bělis\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2003.07.03 22:37:58 | 000,006,995 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoader.xs
[2003.07.03 22:37:35 | 000,002,522 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderaggboom.xs
[2003.07.03 22:37:27 | 000,002,734 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderbalanced.xs
[2003.07.03 22:37:17 | 000,002,486 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderboom.xs
[2003.07.03 22:37:07 | 000,002,522 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderdefboom.xs
[2003.07.03 22:37:02 | 000,002,491 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderdefrush.xs
[2003.07.03 22:36:55 | 000,002,494 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderecorush.xs
[2003.07.03 22:36:48 | 000,002,488 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderrush.xs
[2012.01.13 14:22:03 | 000,001,168 | ---- | M] () -- \Games\Angry Birds HD PC Collection of 2012 Full\Angry Birds Classic HD v2.0.2.1 Full\data\scripts\subsystems\loader.lua
[2011.10.03 09:15:22 | 000,064,872 | ---- | M] () -- \Games\Batman Arkham City\Binaries\Win32\PhysXLoader.dll
[2010.08.27 20:43:08 | 000,071,008 | ---- | M] () -- \Games\Mafia II\pc\PhysXLoader.dll
[2009.02.16 15:31:12 | 000,674,165 | R--- | M] () -- \gamesi\The Chronicles of Riddick - Assault on Dark Athena\Content\Models\Misc\Loader.xmd
[2009.02.16 15:31:12 | 013,985,904 | R--- | M] () -- \gamesi\The Chronicles of Riddick - Assault on Dark Athena\Content\Models\Misc\Loader.xtc
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.07.06 21:54:00 | 000,003,285 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2008.08.23 00:54:42 | 000,018,440 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2008.08.23 00:54:42 | 000,019,976 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2008.08.23 00:54:20 | 000,028,168 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2008.08.23 00:54:20 | 000,017,928 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2008.08.23 00:54:42 | 000,021,000 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2008.08.23 00:54:20 | 000,015,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2008.08.23 00:54:42 | 000,021,512 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2008.08.23 00:54:42 | 000,017,416 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2008.08.23 00:54:20 | 000,013,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2008.08.23 00:54:46 | 000,018,440 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2008.08.23 00:54:46 | 000,035,336 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2008.08.23 00:54:46 | 000,012,808 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2008.08.23 00:54:46 | 000,014,856 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2008.08.23 00:54:46 | 000,030,728 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.10.06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 3050 J610 series\bin\HelpViewer\Resources\Loader.gif
[2010.12.09 14:10:30 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 04:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.12 18:38:06 | 000,095,744 | ---- | M] () -- \Program Files (x86)\Panasonic\HD Writer LE 1.1\Core\Spec\AVCHD\BDCore\MediaLoader.dll
[2010.10.29 16:55:24 | 000,000,184 | ---- | M] () -- \Program Files (x86)\Panasonic\HD Writer LE 1.1\Core\Spec\Uploader\Uploader.ini
[2009.07.07 15:53:00 | 000,131,072 | ---- | M] () -- \Program Files (x86)\Panasonic\HD Writer LE 1.1\MICS\MicsLoader.dll
[2009.12.26 21:02:26 | 000,054,688 | ---- | M] () -- \Program Files (x86)\Panasonic\VideoCam Suite 3.0\YouTubeUploaderMain.exe
[2009.12.26 20:58:00 | 003,361,792 | ---- | M] () -- \Program Files (x86)\Panasonic\VideoCam Suite 3.0\YTUploader.dll
[2009.11.26 10:56:24 | 000,000,112 | ---- | M] () -- \Program Files (x86)\Panasonic\VideoCam Suite 3.0\YTUploader.ini
[2009.12.26 20:45:24 | 000,150,016 | ---- | M] () -- \Program Files (x86)\Panasonic\VideoCam Suite 3.0\Core\Spec\AVCHD\BDCore\MediaLoader.dll
[2013.07.26 13:25:14 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.04.29 01:24:16 | 000,131,984 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2009.09.25 15:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.08.05 09:45:08 | 000,000,013 | ---- | M] () -- \ProgramData\__FileUploader.log
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011.07.19 18:23:15 | 000,032,256 | ---- | M] () -- \ProgramData\TrueCrypt\Original System Loader
[2010.03.15 12:27:20 | 000,054,784 | ---- | M] () -- \Programs\WinRAR\Formats\ace32loader.exe
[2013.08.05 09:45:08 | 000,000,013 | ---- | M] () -- \Users\All Users\__FileUploader.log
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2011.07.19 18:23:15 | 000,032,256 | ---- | M] () -- \Users\All Users\TrueCrypt\Original System Loader
[2012.08.06 17:14:18 | 000,022,486 | ---- | M] () -- \Users\Bělis\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2013.08.20 19:27:34 | 000,416,984 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.google.android.apps.uploader-0926976b806d9da199bfe918adbbfdc2.apk.gz
[2013.08.20 19:27:34 | 000,010,633 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.google.android.apps.uploader-20130820-172733.properties
[2013.08.20 19:27:32 | 000,000,129 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.google.android.apps.uploader-20130820-172733.tar.gz
[2013.08.20 19:24:16 | 000,010,657 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.htc.htcMessageUploader-20130820-172415.properties
[2013.08.20 19:24:14 | 000,000,123 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.htc.htcMessageUploader-20130820-172415.tar.gz
[2013.08.20 19:24:14 | 000,021,736 | ---- | M] () -- \Users\Bělis\Desktop\SD card\TitaniumBackup\com.htc.htcMessageUploader-34047fade3a4a9616fac51f268e28e93.apk.gz
[2013.05.22 17:18:37 | 000,000,145 | ---- | M] () -- \Users\Bělis\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2013.04.02 14:03:06 | 000,002,895 | ---- | M] () -- \Users\Games\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CQ10EBKH\rmsloaderdelayed[1].js
[2013.08.19 15:48:35 | 000,149,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\YouTubeUploaderMain\f97f147b65db55245b0892a799d1e9f2\YouTubeUploaderMain.ni.exe
[2013.08.19 15:48:36 | 003,770,368 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\YTUploader\b6384cc215e3a76dcf5c0d042aece104\YTUploader.ni.dll
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.12 14:54:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.12 14:54:17 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.12 14:54:17 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.12 14:54:17 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.12 14:54:18 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2011.08.16 19:15:29 | 000,000,184 | ---- | M] () -- \Windows\AutoKMS.ini
[4 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2012.02.12 23:06:44 | 000,000,715 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2013.08.05 09:47:13 | 000,256,437 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
[2013.09.05 09:47:00 | 000,000,266 | ---- | M] () -- \Windows\Tasks\AutoKMS.job

< *activator* /s >
[2010.11.29 20:49:58 | 000,372,736 | ---- | M] () -- \Games\Nail'd\naild_activator.exe

< *serial* /s >
[2007.10.11 13:40:36 | 000,712,704 | ---- | M] () -- \Games\Portal\bin\dmserializers.dll
[2013.05.13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.07.11 14:37:54 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2011.07.22 08:59:04 | 000,005,687 | ---- | M] () -- \Program Files (x86)\PokerStars\gx\tokenserial.jpg
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.05.13 17:04:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.07.11 14:38:29 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.04.08 09:16:13 | 000,000,029 | ---- | M] () -- \ProgramData\Tages\100663362\Serial.txt
[2009.04.08 09:16:13 | 000,000,029 | ---- | M] () -- \Users\All Users\Tages\100663362\Serial.txt
[2013.01.06 12:04:49 | 000,000,581 | ---- | M] () -- \Users\Bělis\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2012.07.19 18:38:42 | 000,014,314 | ---- | M] () -- \Users\Bělis\AppData\Roaming\uTorrent\Sticky Password Pro 5.0.7.252 + Serial.torrent
[2011.02.02 00:34:14 | 000,005,416 | ---- | M] () -- \Users\Bělis\AppData\Roaming\uTorrent\Winamp Pro 5.58 Build 2975 Final + Serial-[HB].torrent
[2008.09.04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.09.04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.09.04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.09.04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.09.04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.19 15:31:40 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.19 15:48:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.19 15:28:24 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.19 16:21:04 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.08.18 15:51:39 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
[2013.08.18 15:51:15 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 16:30:12 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.07.11 16:31:48 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\33a3fd30ab81dfbe01deba0c009442ed\System.Runtime.Serialization.ni.dll
[2013.07.11 16:31:59 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\635c921be59ef9831e084cf199f0fb92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.18 17:13:06 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.08.18 17:13:17 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 16:35:22 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2011.06.16 01:51:39 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.18 15:07:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.16 01:51:39 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll

Re: Prosím o kontrolu

Napsal: 05 zář 2013 09:11
od R1dd14k
[2013.08.18 15:07:27 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.18 15:07:33 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.06.12 14:52:46 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.06.12 14:52:46 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Bělis\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML:OECustomProperty

< End of report >

Re: Prosím o kontrolu

Napsal: 05 zář 2013 18:50
od Márty84
:???: Jak je to s legalitou Office a samotneho systemu? Ultimate neni zrovna bezna domaci verze :?:


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Prosím o kontrolu

Napsal: 06 zář 2013 09:24
od R1dd14k
Celý počítač mi dělal kamarád, nenapadlo mě zkontrolovat legalitu.

log MBAM:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bělis :: BĚLIS-PC [administrátor]

Ochrana: Povolena

6.9.2013 8:46:17
MBAM-log-2013-09-06 (10-23-07).txt

Typ: Kompletní kontrola (C:\|J:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 513927
Uplynulý čas: 1 hodin, 19 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\GAMES\FRONTLINES-FUEL OF WAR\BINARIES\FFOW.EXE (Trojan.Agent.BEWGen) -> Data: 1 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Games\Frontlines-Fuel of War\Binaries\FFOW.exe (Trojan.Agent.BEWGen) -> Nebyla provedena žádná instrukce.

(konec)

Re: Prosím o kontrolu

Napsal: 06 zář 2013 10:12
od Márty84
Tak ja vam to prozradim. V logu je videt jak crack na office, tak na samotny windows. Kamarad si s tim asi hlavu nelame :boxed:


A pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:42:


Nalezy MBAM nechte odstranit, pak MBAM odinstalujte. No a to je tak asi vse :?:

Re: Prosím o kontrolu

Napsal: 08 zář 2013 15:12
od R1dd14k
Ok, díky za upozornění a za pomoc.:)

Re: Prosím o kontrolu

Napsal: 08 zář 2013 16:43
od Márty84
Nemate zac :)

Mejte se :bye:

:closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz