Win32:BitCoinMiner-AX VIRUS

Posted: 13 Oct 2013 14:00
by nkaskaj
Hi all, I need some advice. When I was checking my PC, I came across the virus Win32:BitCoinMiner-AX C:\win32. It cannot be removed.
It reportedly slows down the PC, so I need to remove it, but as I wrote, it can't be done.


RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2013-10-13 14:59:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 148 GB (31%) free of 477 GB
Total RAM: 3327 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:05, on 13.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files\trend micro\Jan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-21-3144067096-1801283319-2492721756-1098\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3144067096-1801283319-2492721756-1098\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10318 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\nlssrv32.exe
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {01A1B70D-C12D-45BF-A211-42943718695F}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe" -a
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-9283041871264727707-966995336-1317644591-415173412979907513-10803518342012454596
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 3092
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 3760
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2804.46ee600.1020115070 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2804 "\\.\pipe\gecko-crash-server-pipe.2804" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash2116.6B99F308.3364 --host-broker-channel=Flash2116.6B99F308.252 --host-pid=2116 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=4688.0038F324.1378243796 --proxy-stub-channel=Flash2116.6B99F308.3364 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jan\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Wise Auto Shutdown Task.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default\extensions\
{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-01 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-01 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll [2013-02-18 1842544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-01 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-01 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18 1366720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-13 14:54:28 ----D---- C:\rsit
2013-10-13 14:54:28 ----D---- C:\Program Files\trend micro
2013-10-13 13:56:55 ----D---- C:\Users\Jan\AppData\Roaming\Toribash
2013-10-13 10:56:21 ----SHD---- C:\$RECYCLE.BIN
2013-10-13 10:56:15 ----A---- C:\ComboFix.txt
2013-10-13 10:37:29 ----A---- C:\Windows\zip.exe
2013-10-13 10:37:29 ----A---- C:\Windows\SWSC.exe
2013-10-13 10:37:29 ----A---- C:\Windows\SWREG.exe
2013-10-13 10:37:29 ----A---- C:\Windows\sed.exe
2013-10-13 10:37:29 ----A---- C:\Windows\PEV.exe
2013-10-13 10:37:29 ----A---- C:\Windows\NIRCMD.exe
2013-10-13 10:37:29 ----A---- C:\Windows\MBR.exe
2013-10-13 10:37:29 ----A---- C:\Windows\grep.exe
2013-10-13 10:36:19 ----D---- C:\Qoobox
2013-10-13 10:35:56 ----D---- C:\Windows\erdnt
2013-10-12 19:33:02 ----D---- C:\sh4ldr
2013-10-12 19:33:02 ----D---- C:\Program Files (x86)\Enigma Software Group
2013-10-12 19:31:57 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-12 19:15:29 ----A---- C:\avenger.txt
2013-10-12 19:09:49 ----D---- C:\Program Files\Enigma Software Group
2013-10-12 19:08:37 ----D---- C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-12 11:19:01 ----D---- C:\Program Files (x86)\AVAST Software
2013-10-11 23:43:40 ----A---- C:\Windows\unins000.exe
2013-10-11 23:43:40 ----A---- C:\Windows\unins000.dat
2013-10-11 23:19:48 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-10-11 23:19:47 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-10-11 23:19:46 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-10-11 23:19:31 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-10-10 22:45:57 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2013-10-10 22:45:57 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2013-10-10 22:45:56 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2013-10-10 22:45:37 ----D---- C:\Program Files (x86)\My Company Name
2013-10-10 22:29:58 ----D---- C:\ProgramData\ALM
2013-10-10 20:02:06 ----D---- C:\ProgramData\TEMP
2013-10-10 07:15:46 ----D---- C:\ProgramData\Bohemia Interactive
2013-10-10 06:48:52 ----D---- C:\Program Files (x86)\ARMA 3
2013-10-08 19:57:55 ----D---- C:\Program Files (x86)\Battlefield 3™
2013-10-08 19:56:38 ----D---- C:\Program Files (x86)\Battlefield 3
2013-10-08 15:19:36 ----D---- C:\Program Files (x86)\Build and Shoot
2013-10-07 18:10:31 ----D---- C:\Users\Jan\AppData\Roaming\Build and Shoot
2013-10-07 18:08:59 ----D---- C:\Ace of Spades
2013-10-04 22:34:33 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-04 22:34:33 ----D---- C:\Program Files\iTunes
2013-10-04 22:34:33 ----D---- C:\Program Files\iPod
2013-10-04 22:34:33 ----D---- C:\Program Files (x86)\iTunes
2013-10-04 22:13:30 ----D---- C:\Windows\Minidump
2013-10-04 18:14:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-10-04 18:14:13 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-10-04 14:22:33 ----D---- C:\ProgramData\LogMeIn
2013-10-03 09:41:42 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 22:07:40 ----D---- C:\ProgramData\Electronic Arts
2013-10-02 22:07:37 ----D---- C:\Program Files (x86)\Origin
2013-10-02 18:54:16 ----D---- C:\Users\Jan\AppData\Roaming\Origin
2013-10-02 18:53:14 ----D---- C:\ProgramData\Origin
2013-10-02 18:07:58 ----D---- C:\Program Files (x86)\Survivors Viy
2013-10-02 15:27:58 ----D---- C:\Program Files (x86)\AMD
2013-10-02 15:27:50 ----D---- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-10-02 15:27:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-10-02 15:27:26 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-10-02 15:27:23 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-10-02 09:17:30 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-10-02 09:13:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-10-02 09:13:11 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-10-02 09:13:11 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-10-02 09:13:10 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-02 09:13:10 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-10-02 09:13:09 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-10-02 09:13:09 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-02 09:13:09 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-02 09:13:09 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-10-02 09:13:09 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-02 09:13:09 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-02 09:13:09 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-02 09:13:08 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvinitx.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-02 09:13:08 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-02 09:13:07 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-02 09:13:07 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-02 09:11:42 ----D---- C:\NVIDIA
2013-10-01 20:11:55 ----A---- C:\Windows\system32\SilverEfexPro2FC64.dll
2013-10-01 19:38:54 ----D---- C:\ProgramData\Nik Software
2013-10-01 19:34:24 ----D---- C:\Windows\MSSecurityNS
2013-10-01 19:34:24 ----D---- C:\Windows\MSSecurityNi
2013-10-01 18:33:15 ----D---- C:\Users\Jan\AppData\Roaming\Software Update
2013-10-01 18:33:03 ----D---- C:\Program Files (x86)\Glarysoft
2013-10-01 18:28:35 ----D---- C:\Program Files (x86)\MSECache
2013-10-01 15:57:28 ----D---- C:\Users\Jan\AppData\Roaming\Trine2
2013-10-01 15:51:10 ----D---- C:\Program Files (x86)\Frozenbyte
2013-10-01 12:39:12 ----A---- C:\Windows\system32\javaws.exe
2013-10-01 12:39:02 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-01 12:39:02 ----A---- C:\Windows\system32\javaw.exe
2013-10-01 12:39:02 ----A---- C:\Windows\system32\java.exe
2013-10-01 12:30:54 ----D---- C:\ProgramData\Oracle
2013-10-01 12:30:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-01 12:29:57 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-01 12:29:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-01 12:29:57 ----A---- C:\Windows\SYSWOW64\java.exe
2013-09-29 21:08:30 ----D---- C:\Users\Jan\AppData\Roaming\WorldPainter
2013-09-29 21:08:18 ----D---- C:\Program Files\WorldPainter
2013-09-27 15:06:37 ----D---- C:\ProgramData\Package Cache
2013-09-23 16:21:42 ----D---- C:\Program Files (x86)\Age of Empires 2

======List of files/folders modified in the last 1 month======

2013-10-13 14:59:04 ----D---- C:\Windows\Temp
2013-10-13 14:54:28 ----RD---- C:\Program Files
2013-10-13 14:54:16 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2013-10-13 14:44:01 ----D---- C:\Windows\Prefetch
2013-10-13 14:40:03 ----D---- C:\ProgramData\NVIDIA
2013-10-13 13:56:01 ----D---- C:\Games
2013-10-13 13:51:11 ----D---- C:\Users\Jan\AppData\Roaming\.minecraft
2013-10-13 13:51:03 ----D---- C:\ProgramData\Tunngle
2013-10-13 13:18:44 ----D---- C:\Program Files (x86)\Steam
2013-10-13 12:48:45 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2013-10-13 10:52:00 ----AD---- C:\Windows
2013-10-13 10:52:00 ----A---- C:\Windows\system.ini
2013-10-13 10:51:52 ----D---- C:\Windows\system32\drivers\etc
2013-10-13 10:51:04 ----D---- C:\Windows\SysWOW64
2013-10-13 10:46:47 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-13 10:46:47 ----D---- C:\Windows\AppPatch
2013-10-13 10:46:46 ----D---- C:\Program Files (x86)\Common Files
2013-10-13 10:36:20 ----D---- C:\Windows\system32\drivers
2013-10-13 10:20:02 ----D---- C:\Windows\system32\Tasks
2013-10-12 21:24:31 ----D---- C:\Windows\system32\config
2013-10-12 20:02:03 ----D---- C:\Users\Jan\AppData\Roaming\uTorrent
2013-10-12 19:33:21 ----SHD---- C:\Windows\Installer
2013-10-12 19:33:06 ----D---- C:\Config.Msi
2013-10-12 19:33:02 ----RD---- C:\Program Files (x86)
2013-10-12 19:32:23 ----SHD---- C:\System Volume Information
2013-10-12 18:46:54 ----D---- C:\Windows\system32\wdi
2013-10-12 15:19:22 ----D---- C:\Windows\System32
2013-10-12 15:19:22 ----D---- C:\Windows\inf
2013-10-12 15:19:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-12 14:09:22 ----SD---- C:\Users\Jan\AppData\Roaming\Microsoft
2013-10-12 09:31:48 ----D---- C:\Boot
2013-10-11 23:50:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-11 23:20:01 ----D---- C:\Windows\system32\DriverStore
2013-10-11 23:20:01 ----D---- C:\Windows\system32\catroot
2013-10-11 02:03:18 ----D---- C:\Windows\Tasks
2013-10-11 02:03:18 ----D---- C:\Windows\system32\wfp
2013-10-11 02:03:18 ----D---- C:\Windows\system32\CodeIntegrity
2013-10-11 02:03:18 ----D---- C:\Windows\system32\catroot2
2013-10-11 02:03:15 ----D---- C:\Users\Jan\AppData\Roaming\Wise Auto Shutdown
2013-10-11 02:03:15 ----D---- C:\Users\Jan\AppData\Roaming\PSpad
2013-10-11 02:03:09 ----D---- C:\Windows\system32\wbem
2013-10-11 02:03:09 ----D---- C:\Windows\registration
2013-10-11 02:03:02 ----RSD---- C:\Windows\assembly
2013-10-10 22:55:49 ----D---- C:\Users\Jan\AppData\Roaming\Adobe
2013-10-10 22:49:25 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-10-10 22:48:41 ----D---- C:\Program Files\Adobe
2013-10-10 22:30:19 ----D---- C:\Program Files\Common Files\Adobe
2013-10-10 22:29:58 ----D---- C:\ProgramData
2013-10-10 22:27:38 ----RSD---- C:\Windows\Fonts
2013-10-10 22:25:07 ----D---- C:\Program Files (x86)\Adobe
2013-10-10 21:35:14 ----D---- C:\Program Files (x86)\25PP
2013-10-10 21:31:30 ----D---- C:\Windows\winsxs
2013-10-10 21:30:46 ----D---- C:\ProgramData\Adobe
2013-10-09 16:29:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 00:36:49 ----D---- C:\Windows\AppCompat
2013-10-09 00:36:49 ----D---- C:\ProgramData\PMB Files
2013-10-04 22:11:01 ----D---- C:\Windows\LiveKernelReports
2013-10-02 22:04:03 ----D---- C:\Windows\system32\LogFiles
2013-10-02 12:07:21 ----D---- C:\Windows\Logs
2013-10-02 09:18:47 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-02 09:18:46 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-02 09:17:37 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-02 09:15:43 ----RD---- C:\Users
2013-10-02 09:05:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-02 09:05:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-01 22:20:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-01 22:15:49 ----RD---- C:\Kernels
2013-10-01 20:57:33 ----D---- C:\Program Files\Nik Software
2013-10-01 18:37:11 ----D---- C:\Windows\SYSWOW64\Macromed
2013-10-01 18:29:28 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-01 18:22:30 ----D---- C:\Windows\SYSWOW64\Adobe
2013-10-01 15:50:51 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
2013-10-01 13:09:10 ----D---- C:\Program Files\Defraggler
2013-10-01 13:06:20 ----D---- C:\Users\Jan\AppData\Roaming\TS3Client
2013-10-01 13:05:42 ----D---- C:\Windows\Panther
2013-10-01 13:05:38 ----D---- C:\Windows\debug
2013-10-01 13:04:20 ----D---- C:\Program Files\CCleaner
2013-10-01 12:54:20 ----D---- C:\Program Files (x86)\WinRAR
2013-10-01 12:38:47 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-10-01 12:38:47 ----A---- C:\Windows\system32\deployJava1.dll
2013-10-01 12:38:45 ----D---- C:\Program Files\Java
2013-10-01 12:29:42 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-10-01 12:29:42 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-10-01 12:26:54 ----D---- C:\Program Files (x86)\Java
2013-09-29 13:43:39 ----D---- C:\Program Files (x86)\PAYDAY 2
2013-09-29 07:53:51 ----D---- C:\Windows\system32\en-US
2013-09-29 07:53:47 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-09-28 22:18:35 ----D---- C:\Users\Jan\AppData\Roaming\Seznam.cz
2013-09-28 22:18:25 ----D---- C:\Program Files (x86)\Seznam.cz
2013-09-28 22:16:54 ----D---- C:\Program Files (x86)\1-click run
2013-09-28 22:16:43 ----D---- C:\Program Files (x86)\Autodesk
2013-09-28 22:11:28 ----D---- C:\Windows\system32\appmgmt
2013-09-22 11:15:54 ----D---- C:\Users\Jan\AppData\Roaming\Apple Computer
2013-09-19 23:04:25 ----D---- C:\Users\Jan\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-07-17 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-08-30 270824]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-07-12 132704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-06-22 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswFW;avast! TDI Firewall Driver; \??\C:\Windows\system32\drivers\aswFW.sys [2013-08-30 131232]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-12 283064]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-07-22 126872]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-08-30 137960]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2011-03-30 66560]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-04 76888]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-07-17 770432]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-01 641352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-27 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-09 565672]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-09-03 759192]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Win32:BitCoinMiner-AX VIR

Posted: 13 Oct 2013 14:21
by Márty84
Hello.

:!: Why did you run ComboFix? :roll:

If you had read the forum rules http://forum.viry.cz/viewtopic.php?f=12&t=5601 , you would have learned, among other things, this:
2. Before posting a question, use the Search button. Someone may already have dealt with a problem similar to yours. However, if various utilities\applications are applied in a solved topic, do not run them. Utilities are used only on a helper's instruction, because they can erase traces of malware, and in the hands of a non-expert their use can have unforeseeable consequences.

3. In particular, do not run the ComboFix utility, even if a friend\some would-be expert website recommended it to you. Our forum is the only one of the CZ-SK antivirus forums that has the right to analyse ComboFix logs, and we also have the full support of the utility's author and access to the most up-to-date information and guides.
CF erases all traces of any infection. And now all I can do is work from nothing, as the saying goes :x
We will try to take a look at it, but if this happens again, help will be refused.
I also warn you that this may take a while and the result is not at all certain.


:???: And who recommended Avenger to you?


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option "Otevrit normalne" (Open normally)
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click "Spustit jako spravce" (Run as administrator)
Tick the items (put checkmarks there) "Pro všechny uživatele" (For all users), "Kontrola na havěť "LOP"" (Malware check "LOP") and "Kontrola na havěť "Purity"" (Malware check "Purity")
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click "Prohledat" (Scan)
After the scan, two logs are created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).


:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections

Re: Win32:BitCoinMiner-AX VIR

Posted: 13 Oct 2013 21:39
by nkaskaj
Hello
Thank you for the reply

:arrow: A friend recommended ComboFix to me and unfortunately I trusted him on everything :/
:arrow: Avenger was also recommended to me by the same friend :/
:arrow: I found AutoSandbox in Avast, so I turned it off

*FacePalm* : one more thing: when my Windows (legal) got deactivated, I did not know what to do, so I downloaded an activator (w7lxe). Maybe that will help you with the log (I am an idiot) :// (I still have it saved)

OTL Log:

OTL.txt:
OTL logfile created on: 13.10.2013 19:41:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 49,02% Memory free
6,50 Gb Paging File | 4,64 Gb Available in Paging File | 71,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 144,98 Gb Free Space | 31,13% Space Free | Partition Type: NTFS
Drive E: | 1397,26 Gb Total Space | 1374,89 Gb Free Space | 98,40% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day

========== Processes (SafeList) ==========

PRC - [2013.10.13 19:39:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2013.10.04 18:14:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.09.23 01:18:28 | 000,126,464 | ---- | M] (VideoLAN) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2013.09.12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.09.11 04:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.09.05 16:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013.08.27 23:15:38 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.08.27 23:15:37 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.07.17 16:03:52 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2013.05.15 16:11:40 | 001,453,192 | ---- | M] (WiseCleaner.COM) -- C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe
PRC - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2011.03.30 00:17:08 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe


========== Modules (No Company Name) ==========

MOD - [2013.09.23 01:19:10 | 002,341,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2013.09.23 01:19:08 | 011,749,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
MOD - [2013.09.23 01:19:04 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2013.09.23 01:19:02 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2013.09.23 01:19:02 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
MOD - [2013.09.23 01:19:02 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
MOD - [2013.09.23 01:19:02 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
MOD - [2013.09.23 01:19:02 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2013.09.23 01:19:00 | 001,381,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2013.09.23 01:19:00 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
MOD - [2013.09.23 01:19:00 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
MOD - [2013.09.23 01:19:00 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2013.09.23 01:19:00 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
MOD - [2013.09.23 01:19:00 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2013.09.23 01:18:58 | 009,987,584 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
MOD - [2013.09.23 01:18:58 | 001,723,904 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2013.09.23 01:18:58 | 001,297,920 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2013.09.23 01:18:58 | 000,359,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2013.09.23 01:18:58 | 000,209,408 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
MOD - [2013.09.23 01:18:58 | 000,044,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2013.09.23 01:18:58 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2013.09.23 01:18:52 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2013.09.23 01:18:52 | 000,056,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2013.09.23 01:18:52 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2013.09.23 01:18:52 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
MOD - [2013.09.23 01:18:52 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
MOD - [2013.09.23 01:18:50 | 000,541,184 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
MOD - [2013.09.23 01:18:50 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
MOD - [2013.09.23 01:18:46 | 001,518,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,300,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,130,560 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2013.09.23 01:18:46 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2013.09.23 01:18:44 | 001,409,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2013.09.23 01:18:44 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2013.09.23 01:18:44 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2013.09.23 01:18:44 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
MOD - [2013.09.23 01:18:44 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2013.09.23 01:18:42 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,731,648 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,044,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
MOD - [2013.09.23 01:18:40 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,246,784 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,079,872 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
MOD - [2013.09.23 01:18:38 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
MOD - [2013.09.23 01:18:34 | 002,029,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
MOD - [2013.09.23 01:18:34 | 000,258,560 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
MOD - [2013.09.23 01:18:34 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
MOD - [2013.09.23 01:18:34 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
MOD - [2013.09.23 01:18:34 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
MOD - [2013.09.23 01:18:34 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2013.09.23 01:18:32 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
MOD - [2013.09.23 01:18:32 | 000,136,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
MOD - [2013.09.23 01:18:32 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
MOD - [2013.09.23 01:18:30 | 000,719,872 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
MOD - [2013.09.23 01:18:28 | 000,465,920 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
MOD - [2013.09.23 01:18:28 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2013.09.23 01:18:28 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
MOD - [2013.09.11 04:26:52 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.06.29 13:10:52 | 000,836,608 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\version.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2013.08.27 23:17:13 | 014,997,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.09.14 05:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009.09.14 05:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.10.09 16:29:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.09 04:19:14 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.04 18:14:13 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.10.01 15:51:14 | 002,746,704 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.09.27 05:41:58 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.09.12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.09.05 16:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.09.03 02:38:28 | 000,759,192 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013.08.27 23:15:38 | 002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.08.07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.07.17 16:03:52 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2011.03.30 00:17:08 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.09.12 18:10:11 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.08.30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.08.30 09:48:09 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2013.08.30 09:48:09 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.08.30 09:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013.08.20 15:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.07.22 04:19:42 | 000,126,872 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2013.07.17 11:17:56 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2013.07.12 11:47:30 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013.06.16 14:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.22 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.10.13 02:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.28 10:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012.06.22 12:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKCU\..\SearchScopes\{7E797737-42C7-40BC-BC9D-1D877A7B52ED}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.06 14:33:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.06.29 21:14:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.06.29 12:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions
[2013.10.13 10:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default\extensions
[2013.09.12 14:13:09 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013.10.11 14:30:48 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default\extensions\firefox@mega.co.nz.xpi
[2013.10.10 15:11:24 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\6xwb1wnh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.10.12 11:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.01 22:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.10.01 22:20:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.01 11:24:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013.10.01 11:24:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.09.06 14:33:53 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Disk Google = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: avast! Online Security = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.10.13 10:51:52 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.40.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52A3E236-9F0E-4E88-B250-E9C473E40C48}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E6BAE2B-E33C-4A6F-9FE7-F799ECF6C4E4}: DhcpNameServer = 85.193.0.8 85.193.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.26 08:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 1 Day ==========

[2013.10.13 19:39:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2013.10.13 14:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.13 14:54:28 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.13 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Toribash
[2013.10.13 13:21:10 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\Nová složka
[2013.10.13 10:56:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.10.13 10:37:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.10.13 10:37:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.10.13 10:37:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.10.13 10:36:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.10.13 10:35:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 1 Day ==========

[2013.10.13 19:46:55 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.13 19:46:49 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.13 19:44:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.13 19:39:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2013.10.13 19:29:54 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.13 19:29:54 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.13 19:29:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.13 19:17:17 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\Wise Auto Shutdown Task.job
[2013.10.13 19:16:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.13 19:16:41 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.13 10:51:52 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.13 19:44:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.13 10:37:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.10.13 10:37:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.10.13 10:37:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.10.13 10:37:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.10.13 10:37:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.10.11 23:43:40 | 001,174,439 | ---- | C] () -- C:\Windows\unins000.exe
[2013.10.11 23:43:40 | 000,001,237 | ---- | C] () -- C:\Windows\unins000.dat
[2013.10.04 18:14:17 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.10.04 18:14:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.11 18:08:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.09.08 12:57:35 | 000,000,885 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2013.08.29 09:54:39 | 000,001,281 | ---- | C] () -- C:\Users\Jan\AppData\Local\recently-used.xbel
[2013.07.01 19:24:34 | 000,000,132 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.06.29 22:51:22 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.06.29 03:28:25 | 001,563,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.29 03:20:23 | 000,921,665 | ---- | C] () -- C:\Windows\SysWow64\msvcrt-ruby18.dll
[2013.06.29 03:20:23 | 000,271,264 | ---- | C] () -- C:\Windows\SysWow64\vbrun100.dll
[2013.06.29 03:20:23 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2013.06.29 03:20:23 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\pythonw.exe
[2013.06.29 03:20:23 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\python.exe
[2013.06.29 03:20:23 | 000,020,537 | ---- | C] () -- C:\Windows\SysWow64\rubyw.exe
[2013.06.29 03:20:23 | 000,020,536 | ---- | C] () -- C:\Windows\SysWow64\ruby.exe
[2012.06.22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\ESGScanner.sys
[2012.06.22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\drivers\EsgScanner.sys
[2012.02.23 05:26:34 | 000,326,144 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.13 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft
[2013.08.22 19:04:09 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.technic
[2013.09.19 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Audacity
[2013.10.08 15:19:40 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Build and Shoot
[2013.10.01 15:50:51 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
[2013.08.05 11:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\dll-files.com
[2013.07.09 18:24:20 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\EPSON
[2013.08.27 22:07:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\fltk.org
[2013.06.30 20:02:27 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\iFunbox_UserCache
[2013.09.11 06:33:55 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\iMobie
[2013.06.29 13:50:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\IsolatedStorage
[2013.06.30 14:11:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient
[2013.09.04 13:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OBS
[2013.10.02 19:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin
[2013.06.29 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PC Suite
[2013.06.29 18:29:51 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PDAppFlex
[2013.07.28 10:38:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PDF Architect
[2013.06.29 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\pdfforge
[2013.09.12 17:46:57 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PowerISO
[2013.09.05 20:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\redsn0w
[2013.06.29 22:05:37 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Riot Games
[2013.09.28 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Seznam.cz
[2013.10.01 18:34:35 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Software Update
[2013.08.28 15:21:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TeamViewer
[2013.10.02 11:09:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Trine2
[2013.10.01 13:06:20 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client
[2013.09.12 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Tunngle
[2013.06.29 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Ulozto File Manager
[2013.10.12 20:02:03 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\uTorrent
[2013.10.11 02:03:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Wise Auto Shutdown
[2013.09.29 21:23:37 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WorldPainter
[2013.06.29 22:44:26 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,027,414 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.06.29 12:58:50 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.29 21:26:59 | 000,000,448 | ---- | C] () -- C:\Windows\Tasks\Wise Auto Shutdown Task.job
[2013.08.05 11:57:49 | 000,000,288 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2013.08.08 19:41:29 | 000,000,942 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.08.08 19:41:31 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\SysWOW64\cryptsvc.dll

Re: Win32:BitCoinMiner-AX VIR

Posted: 13 Oct 2013 21:40
by nkaskaj
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\SysNative\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.15 05:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.15 05:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.15 05:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.15 05:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.15 05:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.15 05:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.15 05:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.15 05:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\erdnt\cache64\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
Re: Win32:BitCoinMiner-AX VIR

Posted: 13 Oct 2013 21:41
by nkaskaj
< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[3 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.12.22 21:31:39 | 006,830,087 | RHS- | M] () -- C:\win32.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.10.13 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft
[2013.08.22 19:04:09 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.technic
[2013.10.10 22:55:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Adobe
[2013.09.22 11:15:54 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Apple Computer
[2013.09.19 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Audacity
[2013.06.29 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\AVS4YOU
[2013.10.08 15:19:40 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Build and Shoot
[2013.10.01 15:50:51 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
[2013.08.05 11:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\dll-files.com
[2013.07.09 18:24:20 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\EPSON
[2013.08.27 22:07:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\fltk.org
[2013.06.29 03:33:03 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Identities
[2013.06.30 20:02:27 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\iFunbox_UserCache
[2013.09.11 06:33:55 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\iMobie
[2013.06.29 13:50:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\IsolatedStorage
[2013.06.30 14:11:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient
[2013.06.29 12:47:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Macromedia
[2013.10.13 20:16:39 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Media Center Programs
[2013.10.12 14:09:22 | 000,000,000 | --SD | M] -- C:\Users\Jan\AppData\Roaming\Microsoft
[2013.06.29 12:52:51 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla
[2013.06.29 18:30:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\NVIDIA
[2013.09.04 13:45:54 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OBS
[2013.10.02 19:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin
[2013.06.29 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PC Suite
[2013.06.29 18:29:51 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PDAppFlex
[2013.07.28 10:38:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PDF Architect
[2013.06.29 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\pdfforge
[2013.09.12 17:46:57 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PowerISO
[2013.10.11 02:03:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PSpad
[2013.09.05 20:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\redsn0w
[2013.06.29 22:05:37 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Riot Games
[2013.09.28 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Seznam.cz
[2013.10.13 20:22:23 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Skype
[2013.10.01 18:34:35 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Software Update
[2013.08.28 15:21:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TeamViewer
[2013.10.13 13:56:55 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Toribash
[2013.10.02 11:09:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Trine2
[2013.10.01 13:06:20 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client
[2013.09.12 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Tunngle
[2013.06.29 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Ulozto File Manager
[2013.10.12 20:02:03 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\uTorrent
[2013.10.13 19:59:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\vlc
[2013.06.29 13:13:29 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinRAR
[2013.10.11 02:03:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Wise Auto Shutdown
[2013.09.29 21:23:37 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WorldPainter
[2013.06.29 22:44:26 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2012.03.20 11:12:06 | 000,465,920 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Build and Shoot\Game Installations\0.75\client.exe
[2012.03.20 11:12:16 | 000,342,528 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Build and Shoot\Game Installations\0.75\server.exe
[2011.09.28 16:02:56 | 000,485,888 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Build and Shoot\Game Installations\0.75\voxed.exe
[2013.10.02 15:28:05 | 000,010,134 | R--- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2013.10.12 19:33:05 | 000,110,080 | R--- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}\IconCF33A0CE.exe
[2013.10.12 19:33:05 | 000,110,080 | R--- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}\IconD7F16134.exe
[2013.10.12 19:33:05 | 000,110,080 | R--- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}\IconF7A21AF7.exe
[2013.06.19 21:28:46 | 000,884,056 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jan\AppData\Roaming\uTorrent\utorrent.exe
[2013.06.19 21:28:46 | 000,884,056 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jan\AppData\Roaming\uTorrent\updates\3.3.1_29812.exe
[2013.10.01 15:51:36 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jan\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.10.11 23:19:45 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt

< %SYSTEMDRIVE%\*.exe >
[2012.12.22 21:31:39 | 006,830,087 | RHS- | M] () -- C:\win32.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.06.21 09:58:32 | 019,875,432 | R--- | M] (Skype Technologies S.A.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.13 19:44:08 | 000,000,512 | ---- | M] () MD5=3A396E3DE00B70DE6F4AB721D76B4124 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.10.01 20:54:54 | 017,461,661 | ---- | M] () -- \DATA\HONZA\nik\Nik-Software-Viveza-2.007-Rev-17631-incl-Crack-X-Force.rar
[2011.07.15 21:01:44 | 043,795,464 | ---- | M] () -- \DATA\Nkaskaj\Ostatni\Minecraft 1.2.0_02 Installer (Cracked).exe
[2013.07.31 21:23:18 | 000,074,866 | ---- | M] () -- \Games\Toribash-4.5\replay\head and nut cracker.rpl
[2000.09.01 01:47:12 | 001,173,558 | ---- | M] () -- \Program Files (x86)\Age of Empires 2\crack.zip
[2010.08.06 23:23:50 | 000,000,403 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\sounds\11\11_glass_crack.snt
[2010.08.06 23:23:50 | 000,020,362 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\sounds\11\11_glass_crack01.ogg
[2010.08.06 23:23:50 | 000,020,539 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\sounds\11\11_glass_crack02.ogg
[2010.08.06 23:23:50 | 000,019,081 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\sounds\11\11_glass_crack03.ogg
[2010.08.07 00:00:58 | 000,013,009 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\castlebase\ceiling\corridor_crack.dae
[2010.08.22 23:28:16 | 000,014,477 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\castlebase\ceiling\corridor_crack.msh
[2010.08.06 23:50:22 | 000,094,462 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\cellarbase\special\cracked_ceiling.dae
[2010.08.22 23:28:18 | 000,065,436 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\cellarbase\special\cracked_ceiling.msh
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue.dds
[2010.08.06 23:50:04 | 000,000,932 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue.mat
[2010.08.06 23:50:04 | 000,016,101 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue01.dae
[2010.08.22 23:28:20 | 000,001,220 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue01.msh
[2010.08.06 23:50:06 | 000,016,053 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue02.dae
[2010.08.22 23:28:20 | 000,001,220 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue02.msh
[2010.08.06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue03.dae
[2010.08.22 23:28:20 | 000,001,220 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue03.msh
[2010.08.06 23:50:06 | 000,016,053 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue04.dae
[2010.08.22 23:28:20 | 000,001,220 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue04.msh
[2010.08.06 23:50:06 | 000,349,680 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue_back.dds
[2010.08.06 23:50:06 | 000,000,410 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_blue_back.mat
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown.dds
[2010.08.06 23:50:04 | 000,000,933 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown.mat
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown01.dae
[2010.08.22 23:28:20 | 000,001,222 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown01.msh
[2010.08.06 23:50:06 | 000,016,057 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown02.dae
[2010.08.22 23:28:20 | 000,001,222 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown02.msh
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown03.dae
[2010.08.22 23:28:20 | 000,001,222 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown03.msh
[2010.08.06 23:50:06 | 000,016,057 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown04.dae
[2010.08.22 23:28:20 | 000,001,222 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown04.msh
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown_back.dds
[2010.08.06 23:50:06 | 000,000,409 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_brown_back.mat
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_nrm.dds
[2010.08.06 23:50:04 | 000,174,904 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\decals\cracks_spec.dds
[2010.08.06 23:49:18 | 000,062,915 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010.08.22 23:28:22 | 000,037,741 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010.08.06 23:48:42 | 000,019,532 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010.08.22 23:28:24 | 000,017,545 | ---- | M] () -- \Program Files (x86)\TopCD\Amnesia\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2012.03.02 05:24:04 | 001,159,409 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2013.04.22 21:21:22 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2013.04.22 21:21:22 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2013.04.22 21:21:22 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll
[2012.08.23 23:11:14 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2013.10.12 19:55:01 | 000,000,828 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\Crack And Instructions.lnk
[2013.10.10 22:53:44 | 000,001,210 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2013.10.10 20:05:52 | 000,000,566 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\RAR Password Cracker.zip.lnk
[2013.10.12 19:31:55 | 000,001,019 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI].lnk
[2013.10.04 20:39:13 | 000,000,653 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\Trine-2-v1.19-Online-Crack(1).rar.lnk
[2013.10.04 20:36:57 | 000,000,638 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\Trine-2-v1.19-Online-Crack.rar.lnk
[2013.10.02 11:28:48 | 000,011,049 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\Guns of Icarus Online 2012-PC full game and crack-SKIDROW.torrent
[2013.10.12 19:30:02 | 000,016,201 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI].1.torrent
[2013.10.12 19:25:49 | 000,016,201 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI].torrent

< *keygen* /s >
[2013.10.01 20:35:15 | 000,081,920 | R--- | M] () -- \DATA\HONZA\nik\Silver Efex Pro 2 KeyGen (Windows Only).exe
[2013.08.27 16:34:50 | 000,031,561 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\3D Studio Max 9.0 + Tutorials + Keygen.torrent
[2013.09.03 15:42:04 | 000,009,140 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\Bandicam v1.9.0.397 ML Incl Keygen -MAZE - [MUMBAI].torrent
[2013.10.01 20:34:21 | 000,000,791 | ---- | M] () -- \Users\Jan\AppData\Roaming\uTorrent\Silver Efex Pro 2 KeyGen (Windows Only).exe.torrent

< *AntiWPA* /s >

< *loader* /s >
[2013.08.08 17:28:26 | 000,062,667 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (1).2\ForgeModLoader-0.log
[2013.08.08 14:31:54 | 000,058,240 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (1).2\ForgeModLoader-1.log
[2013.08.08 14:23:48 | 000,055,969 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (1).2\ForgeModLoader-2.log
[2012.07.31 03:47:51 | 000,001,980 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (1).2\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013.08.05 16:48:57 | 000,400,379 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-0.log
[2013.07.25 18:45:14 | 000,366,281 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-0.log.1
[2013.07.25 18:34:03 | 000,000,000 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-0.log.1.lck
[2013.07.28 12:27:36 | 000,000,000 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-0.log.lck
[2013.08.05 16:03:57 | 000,382,377 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-1.log
[2013.07.25 18:33:32 | 000,182,082 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-1.log.1
[2013.08.05 15:28:01 | 000,372,975 | ---- | M] () -- \DATA\Nkaskaj\Blbosti\blbosti (2)\ForgeModLoader-server-2.log
[2013.01.06 17:18:07 | 000,349,894 | ---- | M] () -- \DATA\Nkaskaj\FTB - client\minecraft\ForgeModLoader-client-0.log
[2013.01.06 16:24:54 | 000,004,739 | ---- | M] () -- \DATA\Nkaskaj\FTB - client\minecraft\ForgeModLoader-client-1.log
[2013.05.15 15:45:34 | 000,156,113 | ---- | M] () -- \DATA\Nkaskaj\FTB\ForgeModLoader-server-0.log
[2013.05.14 20:37:05 | 000,161,804 | ---- | M] () -- \DATA\Nkaskaj\FTB\ForgeModLoader-server-1.log
[2013.05.13 16:59:59 | 000,159,756 | ---- | M] () -- \DATA\Nkaskaj\FTB\ForgeModLoader-server-2.log
[2013.06.24 17:32:37 | 000,172,730 | ---- | M] () -- \DATA\Nkaskaj\Minecraft Servery\CMC\ForgeModLoader-server-0.log
[2013.06.24 15:17:01 | 000,174,648 | ---- | M] () -- \DATA\Nkaskaj\Minecraft Servery\CMC\ForgeModLoader-server-1.log
[2013.06.23 11:57:07 | 000,166,854 | ---- | M] () -- \DATA\Nkaskaj\Minecraft Servery\CMC\ForgeModLoader-server-2.log
[2013.03.09 22:22:28 | 000,477,086 | ---- | M] () -- \DATA\Nkaskaj\Minecraft Servery\FTB\ForgeModLoader-server-0.log
[2013.03.09 22:18:51 | 000,000,000 | ---- | M] () -- \DATA\Nkaskaj\Minecraft Servery\FTB\ForgeModLoader-server-0.log.lck
[2013.06.24 17:32:30 | 000,200,396 | ---- | M] () -- \DATA\Nkaskaj\Multimc\instances\Carovny MC\minecraft\ForgeModLoader-client-0.log
[2013.06.24 14:51:36 | 000,202,699 | ---- | M] () -- \DATA\Nkaskaj\Multimc\instances\Carovny MC\minecraft\ForgeModLoader-client-1.log
[2013.06.23 11:49:17 | 000,199,451 | ---- | M] () -- \DATA\Nkaskaj\Multimc\instances\Carovny MC\minecraft\ForgeModLoader-client-2.log
[2013.08.27 23:15:54 | 001,177,888 | ---- | M] () -- \NVIDIA\DisplayDriver\327.23\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.01.08 16:05:34 | 003,298,024 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.09.15 14:34:08 | 000,059,720 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2013.09.15 14:34:08 | 001,108,296 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2013.09.14 01:50:46 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.12.10 16:53:12 | 005,107,560 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2012.08.30 13:27:28 | 000,088,154 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2013.01.09 17:37:18 | 004,496,744 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
[2012.11.29 12:44:24 | 000,042,445 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.sil
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.09.25 04:39:16 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.12.07 14:50:30 | 000,064,352 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader.dll
[2011.12.07 14:50:30 | 000,066,912 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader64.dll
[2013.06.08 03:16:08 | 000,176,104 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.3\Kernelmoduleunloader.exe
[2013.06.30 15:38:52 | 000,000,132 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.3\Kernelmoduleunloader.exe.sig
[2013.08.27 23:15:54 | 001,177,888 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.10.02 11:25:42 | 000,070,936 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2013.10.02 11:25:44 | 000,503,808 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\PhysXLocal\PhysXLoaderDEBUG.dll
[2013.10.13 13:51:42 | 000,064,280 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\downloading\22230\Binaries\Win32\PhysXLoader.dll
[2012.03.24 02:01:06 | 000,115,712 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.03.24 02:01:06 | 000,225,280 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.03.24 02:01:06 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS6\Support Files\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.01.08 16:26:28 | 003,298,024 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.17 22:20:32 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC\MXF_SDK_MetaMetadata_BinaryLoader_4.4.13.dll
[2013.04.17 22:20:32 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC\MXF_SDK_MetaMetadata_XSDLoader2_4.4.13.dll
[2013.04.17 22:20:32 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC\MXF_SDK_MetaMetadata_XSDLoader_4.4.13.dll
[2012.03.16 00:17:30 | 000,115,712 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.03.16 00:17:30 | 000,225,280 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.03.16 00:17:30 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.05.29 14:23:58 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.20.dll
[2013.05.29 14:23:58 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.20.dll
[2013.05.29 14:23:58 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop Lightroom 5\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.20.dll
[2013.04.22 21:22:24 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\MXF_SDK_MetaMetadata_BinaryLoader_4.4.13.dll
[2013.04.22 21:22:24 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\MXF_SDK_MetaMetadata_XSDLoader2_4.4.13.dll
[2013.04.22 21:22:24 | 000,148,480 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\MXF_SDK_MetaMetadata_XSDLoader_4.4.13.dll
[2013.03.29 23:28:18 | 000,099,328 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\7.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.13.dll
[2013.03.29 23:28:18 | 000,196,608 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\7.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.13.dll
[2013.03.29 23:28:18 | 000,148,480 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\7.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.13.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2013.08.27 23:15:54 | 001,177,888 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{B4F790A8-DA3B-4581-A559-D5775377B611}\ExtensionLoader.dll
[2013.03.05 11:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2013.03.05 14:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 13:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2013.06.07 16:50:44 | 000,103,960 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2013.06.07 16:50:52 | 000,017,944 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2013.06.07 16:51:18 | 000,020,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2013.06.29 20:25:14 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013.06.29 20:25:14 | 000,002,249 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.08.07 11:16:35 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.50\deploy\assets\storeImages\layout\small_loader.gif
[2013.06.29 20:25:14 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013.06.29 20:25:14 | 000,002,249 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.09.12 18:12:10 | 000,057,728 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2013.09.12 18:12:10 | 000,057,728 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2013.09.12 18:12:10 | 000,057,728 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013.09.12 18:12:11 | 000,057,728 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2013.09.12 18:12:11 | 000,057,728 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2013.09.12 18:12:11 | 000,061,770 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2013.09.12 18:12:11 | 000,061,770 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.10.01 14:18:36 | 000,109,505 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B2MW1JPC\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013.10.01 14:18:36 | 000,001,511 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDCHNQ3L\AdLoader[1].htm
[2013.10.02 10:04:59 | 000,000,374 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDCHNQ3L\queryLoader[1].css
[2013.10.02 10:05:04 | 000,005,708 | ---- | M] () -- \Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDCHNQ3L\queryLoader[1].js
[2013.09.09 16:52:15 | 000,165,858 | ---- | M] () -- \Users\Jan\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2013.09.09 16:51:31 | 000,000,000 | ---- | M] () -- \Users\Jan\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2013.09.07 15:10:11 | 000,237,917 | ---- | M] () -- \Users\Jan\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2013.09.06 16:39:30 | 000,217,011 | ---- | M] () -- \Users\Jan\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2013.07.25 09:47:57 | 000,571,457 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\bigdig\ForgeModLoader-client-0.log
[2013.07.25 09:45:28 | 000,000,000 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\bigdig\ForgeModLoader-client-0.log.lck
[2013.07.25 09:45:00 | 000,587,806 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\bigdig\ForgeModLoader-client-1.log
[2013.07.25 09:35:13 | 000,590,711 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\bigdig\ForgeModLoader-client-2.log
[2013.08.08 15:29:21 | 000,063,331 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkit\ForgeModLoader-0.log
[2013.08.08 14:33:10 | 000,062,518 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkit\ForgeModLoader-1.log
[2012.04.23 20:31:42 | 000,001,980 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013.08.05 16:48:42 | 000,215,568 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log
[2013.07.28 12:29:31 | 000,000,000 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log.lck
[2013.08.05 16:42:36 | 000,215,567 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-1.log
[2013.08.05 16:37:29 | 000,295,559 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-2.log
[2013.08.25 19:05:50 | 000,748,268 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\yogpack-extreme\ForgeModLoader-client-0.log
[2013.08.25 14:03:12 | 000,000,000 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\yogpack-extreme\ForgeModLoader-client-0.log.lck
[2013.08.22 19:25:38 | 000,747,401 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\yogpack-extreme\ForgeModLoader-client-1.log
[2013.08.25 14:04:01 | 000,000,136 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\yogpack-extreme\liteloader.properties
[2013.08.25 19:05:49 | 000,012,615 | ---- | M] () -- \Users\Jan\AppData\Roaming\.technic\yogpack-extreme\LiteLoader.txt
[2013.08.22 12:11:18 | 000,040,294 | ---- | M] () -- \Users\Jan\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\Nkaskaj's iPad\VideoDownloaderFree_2013-08-22-204018_Nkaskajs-iPad.crash
[2013.06.29 21:47:13 | 000,001,412 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\SendTo\AVS Mobile Uploader.lnk
[2013.06.29 21:47:16 | 000,001,400 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Uploader.lnk
[2013.06.29 20:25:13 | 000,001,293 | ---- | M] () -- \Users\Jan\Desktop\Nová složka\Programs\YTD Video Downloader.lnk
[2013.06.29 22:29:23 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.09.05 11:43:36 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.09.05 11:43:36 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.06.29 13:02:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2013.06.29 13:02:06 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2013.06.29 13:02:06 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2013.06.29 13:02:06 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2013.06.29 13:02:06 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.06.30 08:11:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.06.30 08:11:37 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.06.30 08:11:37 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.06.30 08:11:37 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.06.30 08:11:37 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.13 19:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2013.10.12 14:37:09 | 153,985,991 | R--- | M] () -- \DATA\STAHNOUT !!!\~AVS Video Editor 6.3.2.234 + Activator\~AVS Video Editor 6.3.2.234 + Activator.tgz
[2011.06.14 21:21:26 | 001,571,840 | ---- | M] () -- \Program Files (x86)\AVS4YOU\AVSVideoEditor\avs4you.all.products.activator.2011.(v1.1)-mpt.exe
[2013.06.21 10:36:30 | 002,201,435 | ---- | M] () -- \Program Files (x86)\Windows 7 Activator\Windows 7 Activator.rar

< *serial* /s >
[2013.06.22 22:22:26 | 000,000,029 | R--- | M] () -- \DATA\STAHNOUT !!!\Microsoft Office Visio Professional 2007\Serial\serial.txt
[2013.04.19 05:17:00 | 000,828,816 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CC\Support Files\Contents\Windows\boost_serialization.dll
[2012.04.11 01:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2013.10.01 18:26:20 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.07.01 12:10:40 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmserializers.dll
[2013.04.19 04:58:14 | 000,813,456 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CC (64 Bit)\Support Files\Contents\Windows\boost_serialization.dll
[2013.04.23 03:59:10 | 000,813,472 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC\boost_serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.10.10 22:37:14 | 000,000,731 | ---- | M] () -- \Users\Jan\AppData\Roaming\Microsoft\Windows\Recent\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip.lnk
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.12 12:27:49 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a300d50e46379ad6eca7f58e63f4ed70\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 12:29:09 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
[2013.07.12 12:31:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\4258a9ffeaf0e191d644b7cb7ee72997\System.Runtime.Serialization.ni.dll
[2013.07.12 12:29:39 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\57b0253cccdd14c5745b9f1ff8eb3d67\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 13:09:08 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5f0cbd7489fce0c1617c0d28f1258cc8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 13:09:25 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll
[2013.07.12 13:19:02 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.07.12 13:00:24 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\33a3fd30ab81dfbe01deba0c009442ed\System.Runtime.Serialization.ni.dll
[2013.07.12 13:01:44 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\635c921be59ef9831e084cf199f0fb92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.12 13:05:39 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2013.07.12 12:07:16 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.07.12 12:07:15 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.07.12 12:07:17 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.13 18:58:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 04:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.06.08 10:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.13 19:07:20 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 04:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.06.30 08:11:04 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.06.30 08:11:04 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2013.06.29 13:02:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2013.06.29 13:02:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 07:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.13 19:17:48 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 04:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.06 20:17:26 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_en-us_8f6cbf57bf7f3b35.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.06 20:18:44 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_en-us_789f01abd926b52d.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll

Re: Win32:BitCoinMiner-AX VIRUS

Posted: 13 Oct 2013 21:41
by nkaskaj
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.06.08 10:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.13 18:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.06.08 10:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >
[2013.07.12 08:14:04 | 015,675,587 | ---- | M] () -- \DATA\Nkaskaj\w7lxe.rar

< End of report >

Re: Win32:BitCoinMiner-AX VIRUS

Posted: 13 Oct 2013 21:42
by nkaskaj
Extras.txt:

OTL Extras logfile created on: 13.10.2013 19:41:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jan\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 49,02% Memory free
6,50 Gb Paging File | 4,64 Gb Available in Paging File | 71,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 144,98 Gb Free Space | 31,13% Space Free | Partition Type: NTFS
Drive E: | 1397,26 Gb Total Space | 1374,89 Gb Free Space | 98,40% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15458464-F3CE-412F-83C8-EB61EDE8D19F}" = lport=138 | protocol=17 | dir=in | app=system |
"{20D517D7-DB16-47FE-9C3E-F999F628FAD9}" = lport=445 | protocol=6 | dir=in | app=system |
"{272A2D74-B243-4DCF-B17D-AF149062314C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3460D047-A63A-49E6-9BC0-51B1547EA54B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{355E00C5-4E5A-4E5A-9F01-061E8E474FF7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{358ED227-B213-4D57-A25E-33503408B76F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3CA9B978-C26F-4256-9378-8C426331A4CC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4B64822A-1CE9-4B46-B0F1-FF9B94E23CE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5225A665-103B-4153-95D9-5B552C388506}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5E529298-6F99-4DCF-8507-E3F780A06C49}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64A96074-6C78-4C06-AC13-2CDB467309B3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{67B8A8B9-B9CF-455C-9226-1F42056177C2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A6055CA-2FD0-4D59-B102-C462B53DD0B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D6E459B-8FE1-4A3D-94DE-BF1FCFDE5C64}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6DE1F408-55BE-469D-B193-BF1BFF8835FD}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6F27DA44-1226-4A8B-8B27-8C6E326F34EE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{747212F9-6EDB-4B19-B309-01BA306D572B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75D36CAC-37CF-46D6-8FFA-79CBD95B0E68}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7ED0E2EE-FEA0-4B21-85E6-A6DDAA095180}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{834D1139-60CA-4A06-894F-60CE23B6A664}" = rport=138 | protocol=17 | dir=out | app=system |
"{838E1410-F844-4C9C-A02C-7C17329EF1E7}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9751BDCB-22BA-4111-8281-758B36720E54}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A429413F-E447-4971-9259-96B6350013AF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AFAF5DA2-F68E-4267-BAA2-9933D9D88D62}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B07FDE2E-9210-4346-AE59-E28E0A86C295}" = rport=139 | protocol=6 | dir=out | app=system |
"{BE568AA5-3F94-46A0-B3C9-4461466734F0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CF04185C-94B1-4C1D-B67F-7D5304985491}" = lport=137 | protocol=17 | dir=in | app=system |
"{D22CF070-26F8-4F52-90B6-435415BF1066}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D98F285F-0509-44C2-B25D-29B5D2A64054}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD43188B-D9B3-43EA-9FF1-5BEA3F217530}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DEDDAC42-2327-4E80-A3F9-22B1657ED994}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E1731FA0-67C2-4F2D-94E8-F8C5019BFADE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0560C9B-1F51-415F-A72B-AE5E2DC894F6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F14A667C-3E4E-4F6C-8CC0-01152548270A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F999C0C0-D4D6-45C6-9CF8-AE6A6671A505}" = rport=445 | protocol=6 | dir=out | app=system |
"{FE211B9B-4D21-433F-8784-0024FB5293D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{FEFBF631-FD32-4698-91DC-4D7FF6516EEA}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01982040-3911-4F85-AFAF-F405314CA3BB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0334E13A-7117-4104-BA29-5B1EF59C0897}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{04A2CB17-94F8-4AB1-A214-445CFA9ED089}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0BFDFDD8-EA3C-45AE-8C28-9211ABEA22F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0D2C8F79-CDBE-4625-8FFA-D57B5E25B892}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{0D772C66-899B-420B-A97A-88056C457296}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0E21FA02-BD09-438F-9369-414ABB44CE4D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{10906A95-CFCE-4CB8-9265-F20E6202F22C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{11DA59A9-7B37-4EDD-B13D-461555D3E023}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{176A45D4-5AB9-480A-987F-3BA2E79C1CF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{17E9743E-FB93-48D5-AF9A-9E874E8EE276}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{17F087ED-7C2B-4126-853D-9C718F587358}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{186D96FC-696C-4800-8554-F8E5B8D006E5}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{18EE69F1-E35D-49BC-89C4-78844D43F082}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{192975AA-C3EB-42A7-A668-6C70F8B2C05E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{1BDEA26A-23DF-449B-9A16-DAA678E57700}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{25AC938A-8E4D-4EF7-B9EE-6CAFA3D14054}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2A4C1D1E-46C9-462C-B37F-29BEB2DEF645}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2F016987-52D3-4869-AF27-5913CEE451F2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3425E19C-9B78-4A55-9FE9-5073B1848429}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{3DE55259-8828-41CE-A1CA-D09989B4B94B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{409C939F-D682-4F22-A32D-0C054DD85038}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{46989709-4E6D-417C-9B60-6D614EEB780D}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\utorrent\updates\3.3.1_30017.exe |
"{4AE51B7D-1E44-410C-9908-2D731E25E0F4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4C5D75B8-5207-4E1D-8EEC-088EFE916A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{503BFE79-400A-4BBB-9965-88E079B70988}" = protocol=6 | dir=out | app=system |
"{56660C5B-61BC-4980-8BA0-0BF6D74E0AEA}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{57062349-761F-428E-AFFE-547CEF3A8788}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5C4D5373-48F8-4C9D-B1A7-93EFF34E74D4}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\utorrent\updates\3.3.1_30017.exe |
"{5D0985A6-9F71-4E2C-B7CF-D7612BA5B95A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{60FB8737-02C4-4B98-81E6-491ECB95F2A1}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{62C1D3D7-4403-4523-9E53-F039EC4C63D4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{65DD0E20-0558-40D8-973D-6E852DBA616E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{660AE901-C61E-4F22-9BBF-1346D77BF9A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{66F012FF-E076-4496-8501-8513C221BCE0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{684E7C2C-21D6-4513-9B02-83DECACEAA47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{69C196F3-D569-4096-BA97-9F01CA14BDFE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6C8EEAD6-77DA-4F73-B076-EA90027E33BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6FA77EC0-83A9-4DC4-A794-2FDC7F20B82B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{70294E18-F44C-49C9-97B4-ED08A2648026}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{750CAE38-DF83-46BC-A9A2-1E66997BD3F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CBAF3A2-33DF-4552-96F1-BA26D07C3F13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7DF8406F-6A42-4B61-8646-D7A55D992E95}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{7F66F0EE-1DA1-4487-B09B-4EEB67B37CCF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8AAB61B3-E295-4050-84EF-ED56B5C62702}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8ACE5D82-D31A-4A3B-AC8D-5CE7EE37B254}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BC2B4D6-5F05-4028-B96B-6944D419E66B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8BFDE523-5070-4A3D-9E86-2D8E86C1610A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{920DE7E3-1F8B-433F-9916-5C20AD8132A4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9B0AC7E7-4D26-4080-B549-CD1CFDF3E292}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{AAB42993-7973-4D35-A2DF-BD797B1F77B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{AEC69B7F-0831-46E9-B18D-B7932AD59A5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{B12CC74B-7DE3-42DA-8477-5A4161783D5F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{B9584B3F-D72D-4BF1-9867-B887D0FCD27D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAE0E1EC-7C29-4001-BF70-B533029B925B}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{BCD288E4-2F86-4091-BD3B-C5B28F928890}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BD05850C-373B-4FFB-AD14-E27F3C3B43BE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFD33AF8-9BA6-49D8-B515-9AE0432CB4C5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C5388F2B-FAF5-4952-B915-9FDC403BD1B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7C19ACA-DA14-4FAA-9505-1B5B0099F1B4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C8028E79-E4F2-4D8A-A0FF-85FC247FC5D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{C9BF6A43-9426-4947-87EB-48B409D5C78E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{CCE6C831-4902-400E-8114-87DFDE277EF3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D12EA9F6-9BB5-4751-A4EB-DE45EC818F40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D281993B-66AC-4C70-AA50-84B38026F381}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{DF099E33-2B9A-4845-8A2E-9A1129A8A92B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{E2118245-A0E6-40F9-9AEB-40196C86FC51}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E23F0045-0F05-41D3-BB17-2444CE9ECDC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8EEB4AA-DD32-4923-AE54-B71E00169A2A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EB0981B6-4202-4CF3-931B-AF1CDB096BF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{ED4BA228-3B7E-4FC7-A770-FC943B5C8E15}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{F15FC7C4-377E-44E5-8ACA-9916CF101BE3}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{F175D533-4EFB-4A77-941B-7FF004652BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{FC63869A-A3AE-4C82-9246-D31DF9FCAA94}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{81D34D58-6032-4E98-ABE6-B1A0FECBF84C}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{9FC6A406-DCFC-4294-AA60-16CA5BD99812}C:\users\jan\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{0883B4AB-F008-4A09-B48A-DF1659C07A3E}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{2C22AE89-82B2-428F-97D0-E11FC83CCDA1}C:\users\jan\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417040FF}" = Java 7 Update 40 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}" = Adobe Photoshop Lightroom 5 64-bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"4144-4862-0472-7103" = WorldPainter 1.6.4
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"EPSON SX218 Series" = Odinstalace tiskárny EPSON SX218 Series
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Recuva" = Recuva
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{021C6667-63D3-4416-B537-865E77F4DF4F}" = avast! Ad Blocker
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}" = Adobe Premiere Pro CC
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{7EF900F4-61A8-4D95-8A65-488D3BECA206}" = FaceCam 300
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A016E1-0840-43AE-8434-A18CEDFA833B}" = LogMeIn Hamachi
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}" = SpyHunter
"{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}" = Adobe Audition CC
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1" = PhoneClean 2.2.2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2321021-08A2-44D6-B1DF-BDB415F23EC3}" = Adobe Illustrator CC
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Amnesia" = Amnesia
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Premier
"Avast_2050_ZeNiX [2012-06-29]_is1" = Avast License by ZeNiX [2012-06-29]
"AVS Video Editor_is1" = AVS Video Editor 6
"Build and Shoot Launcher" = Build and Shoot Launcher 1.1
"Color Efex Pro 3.0 Complete Stand-Alone" = Color Efex Pro 3.0 Complete
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dfine 2.0 Stand-Alone" = Dfine 2.0
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"HDR Efex Pro" = HDR Efex Pro
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nik Color Efex Pro 2.0 Complete" = nik Color Efex Pro 2.0 Complete
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PAYDAY 2_is1" = PAYDAY 2
"PowerISO" = PowerISO
"PPÖúÊÖ PC°æ" = PPÖúÊÖ PC°æ 1.0.8.2
"PSPad editor_is1" = PSPad editor
"QVJNQTM=_is1" = ARMA 3
"rajèe.net_is1" = rajèe prùvodce verze 1.59.48.263
"Servant Salamander 2.0" = Servant Salamander 2.0
"Sharpener Pro 3.0 Stand-Alone" = Sharpener Pro 3.0
"Silver Efex Pro 2" = Silver Efex Pro 2
"sizer" = Sizer (remove only)
"Steam App 22230" = Rock of Ages
"Steam App 230410" = Warframe
"Steam App 39000" = Moonbase Alpha
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"TeamViewer 8" = TeamViewer 8
"Trine 2_is1" = Trine 2
"Tunngle beta_is1" = Tunngle beta
"VISPRO" = Microsoft Office Visio Professional 2007
"Viveza 2" = Viveza 2
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"WinSnap" = WinSnap
"Wise Auto Shutdown_is1" = Wise Auto Shutdown 1.25

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Survivors Viy" = Survivors Viy
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.10.2013 12:34:43 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12.10.2013 12:34:43 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10483

Error - 12.10.2013 12:34:43 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10483

Error - 12.10.2013 15:30:49 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12.10.2013 15:30:50 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15616

Error - 12.10.2013 15:30:50 | Computer Name = Jan-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15616

Error - 13.10.2013 7:14:33 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Program explorer.exe verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 12b4 Čas spuštění: 01cec7f215ea51aa Čas ukončení: 281 Cesta k aplikaci: C:\Windows\explorer.exe

ID
hlášení: 8327e828-33f8-11e3-addc-001d60b95e2c

Error - 13.10.2013 7:15:19 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 24.0.0.5001 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
12dc Čas spuštění: 01cec801e9dbe78f Čas ukončení: 179 Cesta k aplikaci: C:\Program
Files (x86)\Mozilla Firefox\firefox.exe ID hlášení:

Error - 13.10.2013 7:15:37 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Program Steam.exe verze 1.93.76.35 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
13ac Čas spuštění: 01cec8021c9ff2ba Čas ukončení: 755 Cesta k aplikaci: C:\Program
Files (x86)\Steam\Steam.exe ID hlášení: bf8361f7-33f8-11e3-addc-001d60b95e2c

Error - 13.10.2013 7:55:37 | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: consent.exe, verze: 6.1.7601.18103, časové
razítko: 0x512d820f Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x000007ff7cf103a4 ID chybujícího
procesu: 0xdec Čas spuštění chybující aplikace: 0x01cec80b211f108f Cesta k chybující
aplikaci: C:\Windows\system32\consent.exe Cesta k chybujícímu modulu: unknown ID
zprávy: 5f35b916-33fe-11e3-addc-001d60b95e2c

Error - 13.10.2013 9:13:09 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Program Tunngle.exe verze 4.5.1.3 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
12e4 Čas spuštění: 01cec815d7c645cf Čas ukončení: 23 Cesta k aplikaci: C:\Program
Files (x86)\Tunngle\Tunngle.exe ID hlášení: 2e5b2732-3409-11e3-ae68-001d60b95e2c

[ System Events ]
Error - 13.10.2013 8:40:03 | Computer Name = Jan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (2:37:34 PM, ?10/?13/?2013) bylo neočekávané.

Error - 13.10.2013 13:16:50 | Computer Name = Jan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (4:11:52 PM, ?10/?13/?2013) bylo neočekávané.

Error - 13.10.2013 13:16:51 | Computer Name = JAN-PC | Source = BugCheck | ID = 1001
Description =

Error - 13.10.2013 13:18:15 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).

Error - 13.10.2013 13:18:15 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 13.10.2013 13:18:41 | Computer Name = Jan-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 10 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.

Error - 13.10.2013 13:18:41 | Computer Name = Jan-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 10 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.

Error - 13.10.2013 13:18:41 | Computer Name = Jan-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 10 ID procesoru: 1 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.

Error - 13.10.2013 13:24:05 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 13.10.2013 13:25:28 | Computer Name = Jan-PC | Source = nvlddmkm | ID = 11141134
Description =


< End of report >


MBAM:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Jan :: JAN-PC [administrátor]

Ochrana: Povolena

13.10.2013 20:18:37
MBAM-log-2013-10-13 (22-35-19).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 569186
Uplynulý čas: 2 hodin, 15 minut, 58 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 6
C:\Users\Jan\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\icons (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 29
C:\win32.exe (PUP.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\DATA\STAHNOUT !!!\YouTube Downloader Pro YTD 4.2 Final - SceneDL (PimpRG)\YTDSetup.exe (PUP.Optional.BundledToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\avs4you.all.products.activator.2011.(v1.1)-mpt.exe (CrackTool.Agent) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Windows 7 Activator\Windows 7 Activator.rar (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Users\Jan\Downloads\Adobe Photoshop Lightroom 5.0 Final (64 bit) [ChingLiu]\Keygen - CORE\CORE10k.EXE (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
C:\win32.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Users\Jan\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\initial_config.json (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\config.xml (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\extension_info.json (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\icons\icon128.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\icons\icon19.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\icons\icon32.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\icons\icon48.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\toolbar_stub.html (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-left.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-middle.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-right.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\middle-left.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\middle-right.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-bottom.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-left.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-right.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-top.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-left.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-middle.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-right.png (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: Win32:BitCoinMiner-AX VIR

Posted: 14 Oct 2013 18:26
by Márty84
Let MBAM remove the items it found. After the restart, repeat the scan and write back whether it found anything.

And otherwise, you probably know that I can't do much with an illegal system, right? :boxed:

Re: Win32:BitCoinMiner-AX VIR

Posted: 15 Oct 2013 19:42
by nkaskaj
Thank you very much

I no longer found any viruses, either in Avast or in MBAM.
I just want to ask :???: whether any after-effects or infected data were left behind :???:

Re: Win32:BitCoinMiner-AX VIR

Posted: 16 Oct 2013 10:12
by Márty84
You're welcome.
nkaskaj wrote: I just want to ask :???: whether any after-effects or infected data were left behind :???:
I don't know; I can't find that out without a deeper check. And I can't do one, since the forum rules are quite clear about a cracked system :42:

:closed: