VIRY.CZ

Ahoj,
prosím o kontrolu logu, nějak mi PC dlouho startuje a občas startuje přes modrou obrazovku.

Díky.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Venda at 2014-04-18 22:20:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (12%) free of 60 GB
Total RAM: 4061 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:48, on 18.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
D:\programy\telefon\Samsung\Kies\Kies.exe
D:\programy\Antivir\avastui.exe
D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe
D:\programy\internet\Mozilla_Firefox\firefox.exe
D:\programy\internet\Mozilla_Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files\trend micro\Venda.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\programy\Antivir\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [KiesPreload] D:\programy\telefon\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Google Update] "C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.13.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba (ABBYY.Licensing.PDFTransformer.Classic.3.0) - ABBYY - D:\programy\PDF\ABBYY\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\programy\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - D:\programy\Firewall\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012 (mitsijm2012) - Autodesk, Inc. - D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8473 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"D:\programy\Antivir\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\programy\PDF\ABBYY\NetworkLicenseServer.exe -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\System32\StikyNot.exe"
"D:\programy\telefon\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"D:\programy\Antivir\avastui.exe" /nogui
"D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\programy\Firewall\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"D:\programy\internet\Mozilla_Firefox\firefox.exe"
"D:\programy\internet\Mozilla_Firefox\plugin-container.exe" --channel=6012.146869c0.128903512 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" -greomni "D:\programy\internet\Mozilla_Firefox\omni.ja" -appomni "D:\programy\internet\Mozilla_Firefox\browser\omni.ja" -appdir "D:\programy\internet\Mozilla_Firefox\browser" D89B6F50DCF030DE 6012 "\\.\pipe\gecko-crash-server-pipe.6012" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --proxy-stub-channel=Flash5868.61327F48.20730 --host-broker-channel=Flash5868.61327F48.13113 --host-pid=5868 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --channel=6524.0033F50C.1242608748 --proxy-stub-channel=Flash5868.61327F48.20730 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" --host-npapi-version=27 --type=renderer
"D:\programy\Firewall\COMODO\COMODO Internet Security\cistray.exe" --shortcut
"D:\programy\Firewall\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"D:\programy\systemove_programy\totalcmd\TOTALCMD64.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 816 820 828 65536 824
"C:\Users\Venda\Downloads\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\programy\internet\Java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\programy\internet\Java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


D:\programy\internet\Mozilla_Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\programy\internet\Java\bin\ssv.dll [2014-01-25 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\programy\internet\Java\bin\jp2ssv.dll [2014-01-25 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\programy\Firewall\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-24 1822504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"WEBTRAN"= []
"ABBYY Screenshot Reader Bonus"= []
""= []
"KiesPreload"=D:\programy\telefon\Samsung\Kies\Kies.exe [2014-02-14 1564992]
"Google Update"=C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus]
D:\programy\PDF\ABBYY\Bonus.ScreenshotReader.exe [2010-03-25 939272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2013-12-23 3755296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\programy\systemove_programy\Daemon_Tools_Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dxtory Update Checker 2.0]
D:\programy\systemove_programy\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2010-01-21 487424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ElsoftTray.exe]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ElsoftTray.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2012-07-20 259072]
"AvastUI.exe"=D:\programy\Antivir\AvastUI.exe [2014-04-02 3774312]
"KiesTrayAgent"=D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe [2014-02-14 311616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.xtor"=DxtoryCodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-15 06:53:44 ----A---- C:\Windows\system32\ieui.dll
2014-04-15 06:53:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-15 06:53:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-15 06:53:40 ----A---- C:\Windows\system32\vbscript.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\iernonce.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-15 06:53:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\msrating.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-15 06:53:29 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-15 06:53:29 ----A---- C:\Windows\system32\iesetup.dll
2014-04-15 06:53:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-15 06:53:28 ----A---- C:\Windows\system32\mshtml.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-15 06:53:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-15 06:53:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 06:53:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-15 06:53:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-15 06:53:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-15 06:53:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-15 06:53:24 ----A---- C:\Windows\system32\iertutil.dll
2014-04-15 06:53:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-15 06:53:23 ----A---- C:\Windows\system32\wininet.dll
2014-04-15 06:53:23 ----A---- C:\Windows\system32\urlmon.dll
2014-04-15 06:53:22 ----A---- C:\Windows\system32\ieframe.dll
2014-04-15 06:53:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-15 06:53:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-15 06:53:20 ----A---- C:\Windows\system32\jscript9.dll
2014-04-15 06:53:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 18:11:47 ----D---- C:\Users\Venda\AppData\Roaming\Comodo
2014-04-11 18:08:56 ----D---- C:\ProgramData\Comodo Downloader
2014-04-11 18:08:24 ----D---- C:\ProgramData\Shared Space
2014-04-11 18:08:07 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2014-04-11 18:08:07 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2014-04-11 18:08:07 ----A---- C:\Windows\system32\cmdvrt64.dll
2014-04-11 18:08:07 ----A---- C:\Windows\system32\cmdkbd64.dll
2014-04-11 00:23:40 ----ASH---- C:\pagefile.sys
2014-04-09 00:02:18 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 00:02:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 00:02:17 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 00:02:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 00:02:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 00:02:16 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 00:02:16 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 00:02:15 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 00:02:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 00:02:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 00:02:07 ----A---- C:\Windows\SYSWOW64\user.exe

======List of files/folders modified in the last 1 month======

2014-04-18 22:20:49 ----D---- C:\Windows\Prefetch
2014-04-18 22:20:46 ----D---- C:\Windows\Temp
2014-04-18 22:20:46 ----D---- C:\Program Files\trend micro
2014-04-18 22:10:36 ----D---- C:\Users\Venda\AppData\Roaming\vlc
2014-04-18 22:08:45 ----D---- C:\Windows\inf
2014-04-18 22:08:43 ----D---- C:\Windows
2014-04-18 20:57:35 ----D---- C:\Users\Venda\AppData\Roaming\ICQ
2014-04-18 18:25:49 ----D---- C:\Windows\system32\config
2014-04-18 18:15:22 ----SHD---- C:\System Volume Information
2014-04-18 18:13:57 ----D---- C:\Windows\System32
2014-04-18 18:13:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-18 00:06:19 ----SHD---- C:\Windows\Installer
2014-04-15 23:02:17 ----D---- C:\Windows\rescache
2014-04-15 18:45:49 ----D---- C:\Windows\winsxs
2014-04-15 18:44:50 ----D---- C:\Program Files\Internet Explorer
2014-04-15 18:44:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-15 18:44:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-15 18:44:49 ----D---- C:\Windows\SysWOW64
2014-04-15 18:44:47 ----D---- C:\Windows\system32\cs-CZ
2014-04-15 18:44:47 ----D---- C:\Windows\PolicyDefinitions
2014-04-15 18:44:46 ----D---- C:\Windows\system32\en-US
2014-04-15 18:44:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-15 06:54:24 ----D---- C:\Windows\system32\catroot2
2014-04-15 06:54:24 ----D---- C:\Windows\system32\catroot
2014-04-12 23:34:07 ----D---- C:\Users\Venda\AppData\Roaming\uTorrent
2014-04-12 23:33:54 ----D---- C:\Windows\Minidump
2014-04-12 23:33:54 ----D---- C:\Windows\debug
2014-04-11 18:08:56 ----D---- C:\ProgramData
2014-04-11 18:08:54 ----D---- C:\Windows\system32\Tasks
2014-04-09 17:45:44 ----D---- C:\Windows\AppPatch
2014-04-09 17:30:37 ----SHD---- C:\Config.Msi
2014-04-09 17:30:37 ----D---- C:\ProgramData\Microsoft Help
2014-04-09 17:29:39 ----D---- C:\Windows\system32\MRT
2014-04-09 17:23:22 ----A---- C:\Windows\system32\MRT.exe
2014-04-06 20:35:12 ----RD---- C:\Program Files (x86)
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-30 11:34:13 ----D---- C:\Windows\SoftwareDistribution
2014-03-26 00:07:09 ----D---- C:\Users\Venda\AppData\Roaming\dvdcss
2014-03-25 21:22:37 ----A---- C:\Windows\system32\cmdcsr.dll
2014-03-25 21:22:36 ----A---- C:\Windows\SYSWOW64\guard32.dll
2014-03-25 21:22:35 ----A---- C:\Windows\system32\guard64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-29 207904]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2006-07-24 52664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-23 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-02 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-02 421704]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2014-02-05 35352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-17 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-02 78648]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-02 80184]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-24 8616960]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-01-21 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-24 285744]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz135;cpuz135; \??\C:\Users\Venda\Desktop\pc-wizard\pcwiz_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2014-01-23 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2014-01-23 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2014-01-23 161280]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba; D:\programy\PDF\ABBYY\NetworkLicenseServer.exe [2010-02-01 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;avast! Antivirus; D:\programy\Antivir\AvastSvc.exe [2014-02-02 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012; D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe [2011-08-03 848704]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-20 76888]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [2010-01-21 244736]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 cmdvirth;COMODO Virtual Service Manager; D:\programy\Firewall\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-12-23 487936]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-20 1471792]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Zdravim

Podivejte se do slozky C:\Windows\Minidump . Jestli tam budou nejake soubory, hodte je treba na leteckou postu http://leteckaposta.cz/ a dejte mi sem odkaz.

Napiste mi velikost adresare plochy.

Vidim tam COMODO Internet Security. Mate u nej zapnuty jen Firewall?


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Zdravím,
v Minidump nic není, plocha má 111 MB, mám zapnutý firewall a nějaký ''autosandbox''.


# AdwCleaner v3.024 - Report created 19/04/2014 at 13:40:30
# Updated 18/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Venda - VENDA-PC
# Running from : C:\Users\Venda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Users\Venda\AppData\Roaming\Solvusoft
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3155 octets] - [18/12/2013 20:54:45]
AdwCleaner[R1].txt - [2914 octets] - [19/04/2014 13:39:30]
AdwCleaner[S0].txt - [3206 octets] - [18/12/2013 21:05:39]
AdwCleaner[S1].txt - [2827 octets] - [19/04/2014 13:40:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2887 octets] ##########


Děkuji.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/04/20 21:45:31

-- Controller Map ----------------------------------------------------------
- Ricoh Memory Stick Controller [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- TOSHIBA MK5061GSYN ATA Device
+ ATA Channel 1 (1)
- Optiarc DVDRWBD BC-5600S ATA Device
- ATA Channel 5 (5)
- Ricoh SD/MMC Host Controller [ATA]
- ATA Channel 5 (5) [ATA]
- Ricoh xD-Picture Card Controller [ATA]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5061GSYN : 500,1 GB [0/0/0, pd1]
(2) TOSHIBA MQ01ABD100 : 1000,2 GB [1/X/X, sa1] (V=125F, P=A15A)

----------------------------------------------------------------------------
(1) TOSHIBA MK5061GSYN
----------------------------------------------------------------------------
Model : TOSHIBA MK5061GSYN
Firmware : MH000D
Serial Number : Y1ICTDRST
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 376499 hod.
Power On Count : 2728 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE80h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
03 100 100 __1 00000000090B Čas na roztočení ploten
05 100 100 _50 000000000000 Počet přemapovaných sektorů
09 _85 _85 __0 00000005BEB3 Hodin v činnosti
0C 100 100 __0 000000000AA8 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000043 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000019 Počet vypnutí disku
C1 _91 _91 __0 0000000184D4 Počet cyklů načítání/vymazání
C2 100 100 __0 003A00050020 Teplota
C7 100 100 __0 000003742BDA Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000008943DF1 Počet chyb při zápisu sektorů
F0 _90 _90 __0 00000003C6C7 Čas nastavování hlaviček - v hodinách
F1 100 100 __0 00037A601A05 Total LBAs Written
F2 100 100 __0 00057F878B43 Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3149 3149 4354 4452 5354
020: 0000 8000 0000 4D48 3030 2020 2020 544F 5348 4942
030: 4120 4D4B 3530 3631 4753 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 6F06 6F06 0004 004C 0040
080: 01F8 0000 746B 7F09 6163 BE09 BE09 6163 203F 003B
090: 003B 0080 FFFE 0000 FE80 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 4000 4000 0000 5000 0393
110: A158 6031 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 1028 4000 4000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6FA5

----------------------------------------------------------------------------
(2) TOSHIBA MQ01ABD100
----------------------------------------------------------------------------
Enclosure : ADATA HD710 USB Device (V=125F, P=A15A, sa1)
Model : TOSHIBA MQ01ABD100
Firmware : AX001U
Serial Number : X23NT485T
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 1351 hod.
Power On Count : 790 krát
Temparature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000000811 Čas na roztočení ploten
04 100 100 __0 000000000436 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 000000000547 Hodin v činnosti
0A 121 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000316 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000010F Počet vypnutí disku
C1 100 100 __0 000000001C73 Počet cyklů načítání/vymazání
C2 100 100 __0 00300007001B Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE 100 100 __0 0000000000C3 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 000000000105 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3233 3233 4E54 3438 3554
020: 0000 4000 0000 4158 3030 2020 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4431 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0F06 0F06 0004 004C 0040
080: 01F8 0000 746B 7D09 6163 BC09 BC09 6163 203F 0075
090: 0075 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 6003 6003 0000 5000 0394
110: 51B0 08E8 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6DA5



_______________________________________________________________________ ___


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.4.2014
Scan Time: 22:17:56
Logfile: aaaa.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.20.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Venda

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311496
Time Elapsed: 21 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , [6c2b1715b2c93cfad107b5e127dc9967],

Registry Values: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 11111111, , [6c2b1715b2c93cfad107b5e127dc9967]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



Snad je to správně, dal jsem Threat scan. Návod v odkazu je zřejmě na již starší verzi. Díky za pomoc.

Tento disk hlasi dost chyb - TOSHIBA MK5061GSYN


Nalezy MBAM nechte odstranit, pak MBAM odinstalujte.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Dost chyb - u toho vycházíte z toho počtu chyb čtení?

Je to důvod k reklamaci výrobku?

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Venda [Práva správce]
Mód : Kontrola -- Datum : 04/20/2014 23:26:50
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] DiskInfo.exe -- C:\Users\Venda\Desktop\yyy\DiskInfo.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @firefox.exe (DllGetClassObject) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151CF8D)
[Address] EAT @firefox.exe (IEnumString_Next_WIC_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DFF0)
[Address] EAT @firefox.exe (IEnumString_Reset_WIC_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E019)
[Address] EAT @firefox.exe (IPropertyBag2_Write_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E039)
[Address] EAT @firefox.exe (IWICBitmapClipper_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD1A)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EA8A)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EAAD)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EAD0)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E9C3)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E9E6)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EA0F)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EA61)
[Address] EAT @firefox.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EA38)
[Address] EAT @firefox.exe (IWICBitmapDecoder_CopyPalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D835)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E99A)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D812)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D992)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetFrame_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D858)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D8CA)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetPreview_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC64)
[Address] EAT @firefox.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E9C3)
[Address] EAT @firefox.exe (IWICBitmapEncoder_Commit_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DBF5)
[Address] EAT @firefox.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DB77)
[Address] EAT @firefox.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DB4E)
[Address] EAT @firefox.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D992)
[Address] EAT @firefox.exe (IWICBitmapEncoder_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DB22)
[Address] EAT @firefox.exe (IWICBitmapEncoder_SetPalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DBCC)
[Address] EAT @firefox.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DBA3)
[Address] EAT @firefox.exe (IWICBitmapFlipRotator_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD1A)
[Address] EAT @firefox.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D87E)
[Address] EAT @firefox.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D8CA)
[Address] EAT @firefox.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D8A7)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_Commit_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D9B5)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EAF3)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DFA7)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DAF6)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DA07)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_SetSize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D9D5)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DACD)
[Address] EAT @firefox.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DA61)
[Address] EAT @firefox.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D7EC)
[Address] EAT @firefox.exe (IWICBitmapLock_GetStride_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC15)
[Address] EAT @firefox.exe (IWICBitmapScaler_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DCEE)
[Address] EAT @firefox.exe (IWICBitmapSource_CopyPalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D812)
[Address] EAT @firefox.exe (IWICBitmapSource_CopyPixels_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC38)
[Address] EAT @firefox.exe (IWICBitmapSource_GetPixelFormat_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC15)
[Address] EAT @firefox.exe (IWICBitmapSource_GetResolution_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D7EC)
[Address] EAT @firefox.exe (IWICBitmapSource_GetSize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D90D)
[Address] EAT @firefox.exe (IWICBitmap_Lock_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E971)
[Address] EAT @firefox.exe (IWICBitmap_SetPalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC64)
[Address] EAT @firefox.exe (IWICBitmap_SetResolution_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC87)
[Address] EAT @firefox.exe (IWICColorContext_InitializeFromMemory_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EB65)
[Address] EAT @firefox.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D79A)
[Address] EAT @firefox.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D7C3)
[Address] EAT @firefox.exe (IWICComponentInfo_GetAuthor_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E948)
[Address] EAT @firefox.exe (IWICComponentInfo_GetCLSID_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC15)
[Address] EAT @firefox.exe (IWICComponentInfo_GetFriendlyName_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E99A)
[Address] EAT @firefox.exe (IWICComponentInfo_GetSpecVersion_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D87E)
[Address] EAT @firefox.exe (IWICComponentInfo_GetVersion_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E971)
[Address] EAT @firefox.exe (IWICFastMetadataEncoder_Commit_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D8ED)
[Address] EAT @firefox.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC15)
[Address] EAT @firefox.exe (IWICFormatConverter_Initialize_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DCB7)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D547)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D570)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D6AA)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D6D6)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D646)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D61D)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D51E)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateBitmap_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D67B)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D4C9)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D491)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D456)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D41E)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateEncoder_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D5C2)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D6FC)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox¯ì­è™‘ø"A) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D722)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D4F5)
[Address] EAT @firefox.exe (IWICImagingFactory_CreatePalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DACD)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D771)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D748)
[Address] EAT @firefox.exe (IWICImagingFactory_CreateStream_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D599)
[Address] EAT @firefox.exe (IWICMetadataBlockReader_GetCount_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DC15)
[Address] EAT @firefox.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D7EC)
[Address] EAT @firefox.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DFA7)
[Address] EAT @firefox.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D812)
[Address] EAT @firefox.exe (IWICMetadataQueryReader_GetLocation_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E039)
[Address] EAT @firefox.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D7EC)
[Address] EAT @firefox.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D8CA)
[Address] EAT @firefox.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DFCA)
[Address] EAT @firefox.exe (IWICPalette_GetColorCount_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D95C)
[Address] EAT @firefox.exe (IWICPalette_GetColors_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D87E)
[Address] EAT @firefox.exe (IWICPalette_GetType_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D835)
[Address] EAT @firefox.exe (IWICPalette_HasAlpha_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D992)
[Address] EAT @firefox.exe (IWICPalette_InitializeCustom_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EB65)
[Address] EAT @firefox.exe (IWICPalette_InitializeFromBitmap_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D933)
[Address] EAT @firefox.exe (IWICPalette_InitializeFromPalette_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D812)
[Address] EAT @firefox.exe (IWICPalette_InitializePredefined_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D90D)
[Address] EAT @firefox.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EAF3)
[Address] EAT @firefox.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD40)
[Address] EAT @firefox.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EB16)
[Address] EAT @firefox.exe (IWICStream_InitializeFromIStream_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD40)
[Address] EAT @firefox.exe (IWICStream_InitializeFromMemory_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD63)
[Address] EAT @firefox.exe (WICConvertBitmapSource) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DDA8)
[Address] EAT @firefox.exe (WICCreateBitmapFromSection) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DF7D)
[Address] EAT @firefox.exe (WICCreateBitmapFromSectionEx) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DE7C)
[Address] EAT @firefox.exe (WICCreateColorContext_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151EB42)
[Address] EAT @firefox.exe (WICCreateImagingFactory_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D01B)
[Address] EAT @firefox.exe (WICGetMetadataContentSize) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E60D)
[Address] EAT @firefox.exe (WICMapGuidToShortName) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D0DC)
[Address] EAT @firefox.exe (WICMapSchemaToName) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D2D0)
[Address] EAT @firefox.exe (WICMapShortNameToGuid) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151D207)
[Address] EAT @firefox.exe (WICMatchMetadataContent) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E062)
[Address] EAT @firefox.exe (WICSerializeMetadataContent) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151E1A4)
[Address] EAT @firefox.exe (WICSetEncoderFormat_Proxy) : actxprxy.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x6151DD89)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK5061GSYN ATA Device +++++
--- User ---
[MBR] d5870f1273100b7a2962a68d00fbd0c1
[BSP] e3e0dbb9873430157d84cda999c1a5e0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 59899 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 122880000 | Size: 100000 MB
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 327680000 | Size: 316939 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) ADATA HD710 USB Device +++++
--- User ---
[MBR] 856c1b2dee3df76f21b4dc17e7c958f6
[BSP] 82d7ff69be87504ac178f883a85e526c : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_04202014_232650.txt >>

BF 100 100 __0 000000000043 Počet udalostí zaznamenaných otřesovým senzorem
C7 100 100 __0 000003742BDA Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000008943DF1 Počet chyb při zápisu sektorů

Nevim, jestli je to na reklamaci. Mozna by stacil format a nova instalace systemu.


Dejte novy log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Venda at 2014-04-21 00:07:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (10%) free of 60 GB
Total RAM: 4061 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:07:49, on 21.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
D:\programy\telefon\Samsung\Kies\Kies.exe
D:\programy\Antivir\avastui.exe
D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe
D:\programy\internet\Mozilla_Firefox\firefox.exe
D:\programy\internet\Mozilla_Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files\trend micro\Venda.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\programy\Antivir\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [KiesPreload] D:\programy\telefon\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Google Update] "C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.13.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba (ABBYY.Licensing.PDFTransformer.Classic.3.0) - ABBYY - D:\programy\PDF\ABBYY\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\programy\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - D:\programy\Firewall\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012 (mitsijm2012) - Autodesk, Inc. - D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8472 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
"D:\programy\Antivir\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\programy\PDF\ABBYY\NetworkLicenseServer.exe -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k HPService
"D:\programy\Firewall\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"D:\programy\Firewall\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\System32\StikyNot.exe"
"D:\programy\telefon\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"D:\programy\Antivir\avastui.exe" /nogui
"D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\programy\Firewall\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\programy\internet\Mozilla_Firefox\firefox.exe"
"D:\programy\internet\Mozilla_Firefox\plugin-container.exe" --channel=4976.993b9d0.912062093 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" -greomni "D:\programy\internet\Mozilla_Firefox\omni.ja" -appomni "D:\programy\internet\Mozilla_Firefox\browser\omni.ja" -appdir "D:\programy\internet\Mozilla_Firefox\browser" D89B6F50DCF030DE 4976 "\\.\pipe\gecko-crash-server-pipe.4976" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --proxy-stub-channel=Flash4644.5EDC7F48.16521 --host-broker-channel=Flash4644.5EDC7F48.14731 --host-pid=4644 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --channel=2064.0038F78C.3167132 --proxy-stub-channel=Flash4644.5EDC7F48.16521 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" --host-npapi-version=27 --type=renderer
taskhost.exe $(Arg0)
"C:\Users\Venda\Downloads\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\programy\internet\Java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\programy\internet\Java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


D:\programy\internet\Mozilla_Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\programy\internet\Java\bin\ssv.dll [2014-01-25 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\programy\internet\Java\bin\jp2ssv.dll [2014-01-25 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\programy\Firewall\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-24 1822504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"WEBTRAN"= []
"ABBYY Screenshot Reader Bonus"= []
""= []
"KiesPreload"=D:\programy\telefon\Samsung\Kies\Kies.exe [2014-02-14 1564992]
"Google Update"=C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus]
D:\programy\PDF\ABBYY\Bonus.ScreenshotReader.exe [2010-03-25 939272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2013-12-23 3755296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\programy\systemove_programy\Daemon_Tools_Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dxtory Update Checker 2.0]
D:\programy\systemove_programy\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-08 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2010-01-21 487424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ElsoftTray.exe]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ElsoftTray.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2012-07-20 259072]
"AvastUI.exe"=D:\programy\Antivir\AvastUI.exe [2014-04-02 3774312]
"KiesTrayAgent"=D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe [2014-02-14 311616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.xtor"=DxtoryCodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-20 21:48:22 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 06:53:44 ----A---- C:\Windows\system32\ieui.dll
2014-04-15 06:53:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-15 06:53:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-15 06:53:40 ----A---- C:\Windows\system32\vbscript.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\iernonce.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 06:53:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-15 06:53:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-15 06:53:31 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-15 06:53:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\msrating.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-15 06:53:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-15 06:53:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-15 06:53:29 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-15 06:53:29 ----A---- C:\Windows\system32\iesetup.dll
2014-04-15 06:53:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-15 06:53:28 ----A---- C:\Windows\system32\mshtml.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-15 06:53:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-15 06:53:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-15 06:53:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 06:53:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-15 06:53:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-15 06:53:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-15 06:53:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-15 06:53:24 ----A---- C:\Windows\system32\iertutil.dll
2014-04-15 06:53:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-15 06:53:23 ----A---- C:\Windows\system32\wininet.dll
2014-04-15 06:53:23 ----A---- C:\Windows\system32\urlmon.dll
2014-04-15 06:53:22 ----A---- C:\Windows\system32\ieframe.dll
2014-04-15 06:53:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-15 06:53:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-15 06:53:20 ----A---- C:\Windows\system32\jscript9.dll
2014-04-15 06:53:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 18:11:47 ----D---- C:\Users\Venda\AppData\Roaming\Comodo
2014-04-11 18:08:56 ----D---- C:\ProgramData\Comodo Downloader
2014-04-11 18:08:24 ----D---- C:\ProgramData\Shared Space
2014-04-11 18:08:07 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2014-04-11 18:08:07 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2014-04-11 18:08:07 ----A---- C:\Windows\system32\cmdvrt64.dll
2014-04-11 18:08:07 ----A---- C:\Windows\system32\cmdkbd64.dll
2014-04-11 00:23:40 ----ASH---- C:\pagefile.sys
2014-04-09 00:02:18 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 00:02:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 00:02:17 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 00:02:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 00:02:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 00:02:16 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 00:02:16 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 00:02:15 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 00:02:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 00:02:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 00:02:07 ----A---- C:\Windows\SYSWOW64\user.exe

======List of files/folders modified in the last 1 month======

2014-04-21 00:07:48 ----D---- C:\Windows\Temp
2014-04-21 00:07:48 ----D---- C:\Program Files\trend micro
2014-04-20 23:27:26 ----D---- C:\Windows\Prefetch
2014-04-20 23:26:33 ----D---- C:\Windows\system32\drivers
2014-04-20 21:52:10 ----D---- C:\Windows\system32\config
2014-04-20 21:47:30 ----D---- C:\ProgramData\Malwarebytes
2014-04-20 21:42:37 ----D---- C:\Windows\System32
2014-04-20 21:42:37 ----D---- C:\Windows\inf
2014-04-20 21:42:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-19 13:40:40 ----D---- C:\AdwCleaner
2014-04-19 13:24:14 ----D---- C:\Windows
2014-04-18 22:10:36 ----D---- C:\Users\Venda\AppData\Roaming\vlc
2014-04-18 20:57:35 ----D---- C:\Users\Venda\AppData\Roaming\ICQ
2014-04-18 18:15:22 ----SHD---- C:\System Volume Information
2014-04-18 00:06:19 ----SHD---- C:\Windows\Installer
2014-04-15 23:02:17 ----D---- C:\Windows\rescache
2014-04-15 18:45:49 ----D---- C:\Windows\winsxs
2014-04-15 18:44:50 ----D---- C:\Program Files\Internet Explorer
2014-04-15 18:44:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-15 18:44:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-15 18:44:49 ----D---- C:\Windows\SysWOW64
2014-04-15 18:44:47 ----D---- C:\Windows\system32\cs-CZ
2014-04-15 18:44:47 ----D---- C:\Windows\PolicyDefinitions
2014-04-15 18:44:46 ----D---- C:\Windows\system32\en-US
2014-04-15 18:44:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-15 06:54:24 ----D---- C:\Windows\system32\catroot2
2014-04-15 06:54:24 ----D---- C:\Windows\system32\catroot
2014-04-12 23:34:07 ----D---- C:\Users\Venda\AppData\Roaming\uTorrent
2014-04-12 23:33:54 ----D---- C:\Windows\Minidump
2014-04-12 23:33:54 ----D---- C:\Windows\debug
2014-04-11 18:08:56 ----D---- C:\ProgramData
2014-04-11 18:08:54 ----D---- C:\Windows\system32\Tasks
2014-04-09 17:45:44 ----D---- C:\Windows\AppPatch
2014-04-09 17:30:37 ----SHD---- C:\Config.Msi
2014-04-09 17:30:37 ----D---- C:\ProgramData\Microsoft Help
2014-04-09 17:29:39 ----D---- C:\Windows\system32\MRT
2014-04-09 17:23:22 ----A---- C:\Windows\system32\MRT.exe
2014-04-06 20:35:12 ----RD---- C:\Program Files (x86)
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-30 11:34:13 ----D---- C:\Windows\SoftwareDistribution
2014-03-26 00:07:09 ----D---- C:\Users\Venda\AppData\Roaming\dvdcss
2014-03-25 21:22:37 ----A---- C:\Windows\system32\cmdcsr.dll
2014-03-25 21:22:36 ----A---- C:\Windows\SYSWOW64\guard32.dll
2014-03-25 21:22:35 ----A---- C:\Windows\system32\guard64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-29 207904]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2006-07-24 52664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-23 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-02 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-02 421704]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2014-02-05 35352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-17 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-02 78648]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-02 80184]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-24 8616960]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-01-21 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-24 285744]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz135;cpuz135; \??\C:\Users\Venda\Desktop\pc-wizard\pcwiz_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2014-01-23 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2014-01-23 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2014-01-23 161280]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba; D:\programy\PDF\ABBYY\NetworkLicenseServer.exe [2010-02-01 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;avast! Antivirus; D:\programy\Antivir\AvastSvc.exe [2014-02-02 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012; D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe [2011-08-03 848704]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-20 76888]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [2010-01-21 244736]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 cmdvirth;COMODO Virtual Service Manager; D:\programy\Firewall\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-12-23 487936]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-20 1471792]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Jeste jeden sken a budem mazat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 21.4.2014 8:52:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Venda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 43,42% Memory free
7,93 Gb Paging File | 5,51 Gb Available in Paging File | 69,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 7,66 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 25,81 Gb Free Space | 26,43% Space Free | Partition Type: NTFS
Drive F: | 309,51 Gb Total Space | 258,88 Gb Free Space | 83,64% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 37,63 Gb Free Space | 4,04% Space Free | Partition Type: NTFS

Computer Name: VENDA-PC | User Name: Venda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.21 07:32:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
PRC - [2014.04.02 21:55:29 | 003,774,312 | ---- | M] (AVAST Software) -- D:\programy\Antivir\avastui.exe
PRC - [2014.03.30 02:48:41 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\programy\internet\Mozilla_Firefox\firefox.exe
PRC - [2014.03.30 02:48:40 | 000,018,544 | ---- | M] (Mozilla Corporation) -- D:\programy\internet\Mozilla_Firefox\plugin-container.exe
PRC - [2014.02.23 12:09:15 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
PRC - [2014.02.14 22:55:24 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe
PRC - [2014.02.14 22:55:18 | 001,564,992 | ---- | M] (Samsung) -- D:\programy\telefon\Samsung\Kies\Kies.exe
PRC - [2014.02.02 17:42:42 | 000,050,344 | ---- | M] (AVAST Software) -- D:\programy\Antivir\AvastSvc.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.20 23:53:19 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.13 18:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010.02.01 17:51:07 | 000,759,048 | ---- | M] (ABBYY) -- D:\programy\PDF\ABBYY\NetworkLicenseServer.exe


========== Modules (No Company Name) ==========

MOD - [2014.03.30 02:48:40 | 003,642,480 | ---- | M] () -- D:\programy\internet\Mozilla_Firefox\mozjs.dll
MOD - [2014.02.23 12:09:15 | 016,265,096 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014.02.13 22:57:41 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\c3885cc7cab15da4386e65d2ad552661\System.Runtime.Remoting.ni.dll
MOD - [2014.02.13 22:54:20 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\c8bd7b726e571a2948d5547fd030f303\System.ServiceProcess.ni.dll
MOD - [2014.02.13 22:54:12 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9d3572e8c3c314a0f12383d41e8bee78\System.Xaml.ni.dll
MOD - [2014.02.13 22:54:03 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8711b01d60a94d6ef6a02d7fd0578493\PresentationFramework.ni.dll
MOD - [2014.02.13 22:53:50 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\43a5fc0dffa4a254749608452df27b6a\PresentationCore.ni.dll
MOD - [2014.02.13 22:53:41 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ac2e26bafa70e93b307087d7fe6b9dd2\WindowsBase.ni.dll
MOD - [2014.02.13 22:53:36 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\95a58c416cfe8803af6b325d952a374a\System.Xml.ni.dll
MOD - [2014.02.13 22:53:35 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\6497e394eb0346d9f374976af5033e37\System.Core.ni.dll
MOD - [2014.02.13 22:53:30 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\853f7abd2d9a620ba57c7b4005fe1976\System.Configuration.ni.dll
MOD - [2014.02.13 22:53:29 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a369005c18456d7fd36347e36d63fe05\System.ni.dll
MOD - [2014.02.13 22:53:22 | 016,546,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d12f4fda3d1bfabf888342e96983e9a7\mscorlib.ni.dll
MOD - [2013.10.23 18:52:55 | 019,336,120 | ---- | M] () -- D:\programy\Antivir\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.03.06 10:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.11.20 21:40:04 | 001,471,792 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.01.21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.08.18 03:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.03.03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2014.04.16 23:12:45 | 006,817,544 | ---- | M] (COMODO) [Auto | Running] -- D:\programy\Firewall\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2014.03.25 21:22:18 | 002,264,280 | ---- | M] (COMODO) [On_Demand | Running] -- D:\programy\Firewall\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2014.02.02 17:42:42 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\programy\Antivir\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.23 20:58:48 | 000,487,936 | ---- | M] (Connectify) [On_Demand | Stopped] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.20 23:53:19 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.13 18:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012.07.09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.08.03 05:23:08 | 000,848,704 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- D:\programy\AutodeskInventor\nainstalovanozde\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2010.02.01 17:51:07 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- D:\programy\PDF\ABBYY\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)
SRV - [2010.01.21 05:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe -- (STacSV)
SRV - [2009.09.20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\programy\tiskarna\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.02.05 23:14:37 | 000,035,352 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV:64bit: - [2014.02.02 17:42:46 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.02.02 17:42:45 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.02 17:42:45 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.02.02 17:42:45 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.23 05:20:58 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)
DRV:64bit: - [2014.01.23 05:20:58 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2014.01.23 05:20:58 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV:64bit: - [2013.12.29 14:50:38 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.10.23 18:52:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.10.23 18:52:56 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.01.23 10:31:52 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 10:31:52 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.17 12:15:50 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.01.24 00:44:12 | 008,616,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.01.21 05:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.08.24 12:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.08.18 04:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.25 09:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 08:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 08:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.07.24 03:00:00 | 000,052,664 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\..\SearchScopes\{E5A31988-1B53-4882-B25D-9A402CDE34F4}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: facebook%40disconnect.me:2.1.3
FF - prefs.js..extensions.enabledAddons: vlcplaylist%40helgatauscher.de:0.8
FF - prefs.js..extensions.enabledAddons: %7B003D3EDC-99B9-4a34-9C20-60CB94F7E829%7D:2009
FF - prefs.js..extensions.enabledAddons: %7B35106bca-6c78-48c7-ac28-56df30b51d2a%7D:1.3.8
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B54BB9F3F-07E5-486c-9B39-C7398B99391C%7D:4.1.2013040601
FF - prefs.js..extensions.enabledAddons: %7Baff87fa2-a58e-4edd-b852-0a20203c1e17%7D:0.9
FF - prefs.js..extensions.enabledAddons: %7Bde9644c0-a985-11e1-afa6-0800200c9a66%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.21
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: D:\programy\internet\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: D:\programy\internet\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Venda\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Venda\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.27 00:21:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: D:\programy\internet\Mozilla_Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: D:\programy\internet\Mozilla_Firefox\plugins [2014.03.30 02:48:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\programy\tiskarna\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.27 00:21:49 | 000,000,000 | ---D | M]

[2012.02.16 22:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Extensions
[2014.03.25 18:15:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions
[2013.04.16 07:56:47 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2014.03.25 18:15:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.08.13 23:23:08 | 000,035,735 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\facebook@disconnect.me.xpi
[2013.05.02 19:52:22 | 000,009,582 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\vlcplaylist@helgatauscher.de.xpi
[2013.11.25 23:53:34 | 000,146,598 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
[2014.01.03 21:57:18 | 000,475,779 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2012.11.25 19:26:27 | 000,067,812 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi
[2013.04.13 19:16:44 | 000,307,011 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
[2012.11.30 16:21:40 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
[2014.02.26 03:46:39 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.02.16 23:29:44 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.03.09 01:56:22 | 000,004,728 | ---- | M] () (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\q4wwl40f.default\extensions\{de9644c0-a985-11e1-afa6-0800200c9a66}.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Venda\AppData\Local\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Venda\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Venda\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = D:\programy\internet\Mozilla_Firefox\plugins\np-mswmp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Venda\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Dokumenty Google = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: http://www.gamepark.cz/space/?$SPACE_STARTUP= = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcibgdpfmnockhhdjfbfknopocomcghd\2013.2.11.45502_0\
CHR - Extension: avast! Online Security = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.93_0\
CHR - Extension: Peněženka Google = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.11.03 11:49:17 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\programy\internet\Java\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\programy\internet\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] D:\programy\Firewall\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [AvastUI.exe] D:\programy\Antivir\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] D:\programy\telefon\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [SafeQ Client] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe ()
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000..\Run: [ABBYY Screenshot Reader Bonus] File not found
O4 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000..\Run: [KiesPreload] D:\programy\telefon\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000..\Run: [WEBTRAN] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-470748899-3113019695-3459368386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\Microsoft_Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.13.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A496FDD-2AD4-4BDC-B780-FA05CC0FFC90}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{801179E5-F2CB-433E-B103-B72511B67CE6}: DhcpNameServer = 147.230.16.140 147.230.16.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.xtor - DxtoryCodec.dll (Dxtory Software)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.xtor - C:\Windows\SysWow64\DxtoryCodec.dll (Dxtory Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.21 08:47:20 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2014.04.21 07:32:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2014.04.20 23:23:52 | 000,000,000 | ---D | C] -- C:\Users\Venda\Desktop\RK_Quarantine
[2014.04.20 21:48:22 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.20 21:44:05 | 000,000,000 | ---D | C] -- C:\Users\Venda\Desktop\yyy
[2014.04.15 06:53:44 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.04.15 06:53:43 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.04.15 06:53:40 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.04.15 06:53:32 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.04.15 06:53:32 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.04.15 06:53:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.04.15 06:53:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.04.15 06:53:31 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.04.15 06:53:31 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.04.15 06:53:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.04.15 06:53:30 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.04.15 06:53:30 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.04.15 06:53:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.04.15 06:53:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.04.15 06:53:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.04.15 06:53:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.04.15 06:53:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.04.15 06:53:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.04.15 06:53:28 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.04.15 06:53:26 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.04.15 06:53:26 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.04.15 06:53:26 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.04.15 06:53:26 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.04.15 06:53:25 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.04.15 06:53:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.04.15 06:53:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.04.15 06:53:23 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.04.15 06:53:23 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.04.15 06:53:20 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.04.11 18:11:47 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\Comodo
[2014.04.11 18:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2014.04.11 18:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Shared Space
[2014.04.11 18:08:07 | 000,352,984 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2014.04.11 18:08:07 | 000,284,888 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2014.04.11 18:08:07 | 000,045,784 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2014.04.11 18:08:07 | 000,040,664 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll
[2014.04.09 00:02:18 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014.04.09 00:02:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014.04.09 00:02:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014.04.09 00:02:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014.04.09 00:02:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014.04.09 00:02:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014.04.09 00:02:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014.04.09 00:02:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014.04.09 00:02:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014.04.09 00:02:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

========== Files - Modified Within 30 Days ==========

[2014.04.21 08:54:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.21 08:47:17 | 000,001,774 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014.04.21 08:40:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.21 08:24:22 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000UA.job
[2014.04.21 08:23:22 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000Core.job
[2014.04.21 07:35:51 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.21 07:35:51 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.21 07:33:05 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.04.21 07:33:05 | 000,669,116 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.04.21 07:33:05 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.04.21 07:33:05 | 000,141,744 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.04.21 07:33:05 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.04.21 07:32:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2014.04.21 07:28:48 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.21 07:28:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.21 07:28:13 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.20 23:23:10 | 003,972,608 | ---- | M] () -- C:\Users\Venda\Desktop\RogueKiller.exe
[2014.04.20 21:48:36 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.19 13:36:00 | 001,258,805 | ---- | M] () -- C:\Users\Venda\Desktop\adwcleaner.exe
[2014.04.18 22:09:45 | 000,000,680 | ---- | M] () -- C:\Users\Venda\Documents\cc_20140418_220943.reg
[2014.04.16 23:12:55 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2014.04.13 00:19:28 | 000,002,186 | ---- | M] () -- C:\Users\Venda\Documents\cc_20140413_001925.reg
[2014.04.07 22:24:05 | 000,141,101 | ---- | M] () -- C:\Users\Venda\Desktop\jao.png
[2014.03.30 21:45:07 | 000,001,850 | ---- | M] () -- C:\Users\Venda\Desktop\VPR+SKFS+2014+harmonogramy+programy+termíny.pdf
[2014.03.30 11:42:30 | 000,000,628 | ---- | M] () -- C:\Users\Venda\Documents\cc_20140330_114226.reg
[2014.03.29 05:56:47 | 000,495,162 | ---- | M] () -- C:\Users\Venda\Desktop\xcv.png
[2014.03.25 21:22:37 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2014.03.25 21:22:36 | 000,363,504 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2014.03.25 21:22:35 | 000,453,680 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2014.03.25 21:22:29 | 000,352,984 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2014.03.25 21:22:28 | 000,045,784 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2014.03.25 21:22:25 | 000,284,888 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2014.03.25 21:22:23 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll
[2014.03.24 02:06:43 | 000,138,516 | ---- | M] () -- C:\Users\Venda\Desktop\rodokmen.jpg

========== Files Created - No Company Name ==========

[2014.04.21 08:47:17 | 000,001,774 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014.04.21 07:36:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.20 23:23:06 | 003,972,608 | ---- | C] () -- C:\Users\Venda\Desktop\RogueKiller.exe
[2014.04.19 13:35:37 | 001,258,805 | ---- | C] () -- C:\Users\Venda\Desktop\adwcleaner.exe
[2014.04.18 22:09:44 | 000,000,680 | ---- | C] () -- C:\Users\Venda\Documents\cc_20140418_220943.reg
[2014.04.13 00:19:27 | 000,002,186 | ---- | C] () -- C:\Users\Venda\Documents\cc_20140413_001925.reg
[2014.04.07 22:21:41 | 000,141,101 | ---- | C] () -- C:\Users\Venda\Desktop\jao.png
[2014.03.30 21:45:06 | 000,001,850 | ---- | C] () -- C:\Users\Venda\Desktop\VPR+SKFS+2014+harmonogramy+programy+termíny.pdf
[2014.03.30 11:42:28 | 000,000,628 | ---- | C] () -- C:\Users\Venda\Documents\cc_20140330_114226.reg
[2014.03.29 05:56:47 | 000,495,162 | ---- | C] () -- C:\Users\Venda\Desktop\xcv.png
[2014.03.24 02:06:37 | 000,138,516 | ---- | C] () -- C:\Users\Venda\Desktop\rodokmen.jpg
[2014.03.10 00:56:23 | 000,033,193 | ---- | C] () -- C:\Users\Venda\AppData\Roaming\UserTile.png
[2014.01.23 19:31:12 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2014.01.23 19:31:08 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2014.01.23 19:31:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2014.01.23 19:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2014.01.23 19:31:08 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.11.26 02:14:22 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\Image2PDF.dat
[2013.11.26 02:11:45 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\PDF2TXT.DAT
[2013.11.26 02:02:18 | 000,000,329 | ---- | C] () -- C:\Windows\pdf2word.INI
[2013.11.26 01:24:08 | 002,106,893 | ---- | C] () -- C:\Users\Venda\AppData\Roaming\langInstall.exe
[2013.11.25 23:52:58 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2013.11.20 21:40:23 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013.10.24 22:27:13 | 000,000,000 | ---- | C] () -- C:\Users\Venda\ipconfig
[2013.06.26 20:03:27 | 000,000,709 | ---- | C] () -- C:\Windows\COD.INI
[2013.06.16 18:00:39 | 000,000,251 | ---- | C] () -- C:\Users\Venda\zu_test.properties
[2013.06.16 18:00:12 | 000,000,867 | ---- | C] () -- C:\Users\Venda\zu.properties
[2013.05.30 19:42:39 | 000,004,096 | -H-- | C] () -- C:\Users\Venda\AppData\Local\keyfile3.drm
[2013.01.20 23:53:21 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.20 23:53:19 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.01.20 23:53:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.01.20 16:44:42 | 000,000,263 | ---- | C] () -- C:\Windows\game.ini
[2012.11.26 22:58:58 | 000,007,592 | ---- | C] () -- C:\Users\Venda\AppData\Local\resmon.resmoncfg
[2012.09.07 17:28:31 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.05.14 17:49:23 | 000,561,664 | ---- | C] () -- C:\Windows\SysWow64\plplacesystemdll.dll
[2012.05.09 00:03:27 | 000,000,079 | ---- | C] () -- C:\Users\Venda\AppData\Local\CrystalDiskMark30.ini
[2012.02.18 22:09:41 | 000,003,584 | ---- | C] () -- C:\Users\Venda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Venda\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.02.28 22:29:42 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\AVAST Software
[2012.11.22 01:17:34 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\.links
[2012.06.20 23:01:53 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ARA
[2014.03.06 00:12:51 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ATViewer
[2013.11.20 21:44:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Autodesk
[2013.10.24 01:26:33 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\AVAST Software
[2014.02.13 23:38:42 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\DAEMON Tools Lite
[2013.11.26 01:18:55 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Foxit Advanced PDF Editor
[2012.05.13 21:03:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\FreeFLVConverter
[2013.11.16 22:04:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\GHISLER
[2012.11.06 13:11:17 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Hard Disk Sentinel
[2014.04.18 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ICQ
[2014.03.05 23:42:31 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\IsolatedStorage
[2013.11.26 00:34:28 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2012.10.01 16:15:18 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mathsoft
[2012.09.05 18:45:25 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Miranda
[2012.05.11 10:34:36 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mobile Atlas Creator
[2013.11.19 16:29:58 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\NesterSoft
[2012.11.27 18:40:33 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\NetMeter
[2012.07.02 18:42:23 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia
[2012.02.27 21:25:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia Suite
[2012.02.27 21:08:04 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PC Suite
[2012.05.13 23:56:08 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PLANStudio Setup
[2012.10.01 16:20:00 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PTC
[2014.03.05 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Samsung
[2013.11.26 02:21:24 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\SomePDF
[2012.12.31 13:07:56 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Ulozto File Manager
[2014.04.12 23:34:07 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\uTorrent
[2012.04.17 14:51:18 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\XnView
[2013.03.03 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\YCanPDF
[2014.02.13 23:44:17 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\YouTube Downloader

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,552 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.02.10 15:29:10 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.10 15:29:12 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.02.14 17:12:36 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000Core.job
[2014.02.14 17:12:37 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.22 01:17:34 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\.links
[2012.10.01 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Adobe
[2012.06.20 23:01:53 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ARA
[2013.11.26 01:25:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Aspell
[2014.03.06 00:12:51 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ATViewer
[2013.11.20 21:44:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Autodesk
[2013.10.24 01:26:33 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\AVAST Software
[2014.04.11 18:11:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Comodo
[2014.02.13 23:38:42 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\DAEMON Tools Lite
[2014.03.26 00:07:09 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\dvdcss
[2013.11.26 01:18:55 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Foxit Advanced PDF Editor
[2012.05.13 21:03:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\FreeFLVConverter
[2013.11.16 22:04:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\GHISLER
[2012.11.06 13:11:17 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Hard Disk Sentinel
[2012.02.27 00:35:45 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\HP
[2014.04.18 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ICQ
[2012.02.16 18:47:46 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Identities
[2013.10.30 16:00:43 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\InstallShield Installation Information
[2014.03.05 23:42:31 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\IsolatedStorage
[2013.11.26 00:34:28 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2012.02.16 22:53:24 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Macromedia
[2012.11.29 15:08:17 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Malwarebytes
[2012.10.01 16:15:18 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mathsoft
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Media Center Programs
[2014.01.04 22:37:37 | 000,000,000 | --SD | M] -- C:\Users\Venda\AppData\Roaming\Microsoft
[2012.09.05 18:45:25 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Miranda
[2012.05.11 10:34:36 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mobile Atlas Creator
[2012.02.16 22:33:19 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla
[2013.11.19 16:29:58 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\NesterSoft
[2012.11.27 18:40:33 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\NetMeter
[2012.07.02 18:42:23 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia
[2012.02.27 21:25:30 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia Suite
[2012.02.27 21:08:04 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PC Suite
[2012.05.13 23:56:08 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PLANStudio Setup
[2012.10.01 16:20:00 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PTC
[2014.03.05 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Samsung
[2013.01.16 20:44:09 | 000,000,000 | RH-D | M] -- C:\Users\Venda\AppData\Roaming\SecuROM
[2013.11.26 02:21:24 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\SomePDF
[2012.12.31 13:07:56 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Ulozto File Manager
[2014.04.12 23:34:07 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\uTorrent
[2014.04.18 22:10:36 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\vlc
[2012.02.17 23:03:05 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\WinRAR
[2012.04.17 14:51:18 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\XnView
[2013.03.03 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\YCanPDF
[2014.02.13 23:44:17 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\YouTube Downloader

< %APPDATA%\*.exe /s >
[2013.11.26 01:24:14 | 002,106,893 | ---- | M] () -- C:\Users\Venda\AppData\Roaming\langInstall.exe
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\MafiaSetup.exe
[2013.11.26 01:25:40 | 000,049,535 | ---- | M] () -- C:\Users\Venda\AppData\Roaming\Aspell\Dictionaries\Uninstall-AspellDict-cs.exe
[2012.10.18 19:56:52 | 000,806,400 | ---- | M] (OriginLab) -- C:\Users\Venda\AppData\Roaming\InstallShield Installation Information\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}\setup.exe
[2012.03.15 12:04:16 | 000,010,134 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe
[2012.03.15 12:04:16 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
[2013.11.20 21:42:41 | 000,026,622 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{644E9589-F73A-49A4-AC61-A953B9DE5669}\ARPPRODUCTICON.EXE
[2013.11.20 21:43:40 | 000,026,622 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{C070121A-C8C5-4D52-9A7D-D240631BD433}\ARPPRODUCTICON.EXE
[2012.04.04 17:06:03 | 000,010,134 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.02.18 03:00:36 | 000,028,056 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{F5663E7F-79CA-4022-8B39-D855A4E0BF58}\_2508C1C8AF5B72F1116F03.exe
[2012.02.18 03:00:36 | 000,028,056 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{F5663E7F-79CA-4022-8B39-D855A4E0BF58}\_853F67D554F05449430E7E.exe
[2012.02.18 03:00:37 | 000,028,056 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{F5663E7F-79CA-4022-8B39-D855A4E0BF58}\_CD325AD717DCC95249DBD0.exe
[2013.11.20 21:43:42 | 000,026,622 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{F732FEDA-7713-4428-934B-EF83B8DD65D0}\ARPPRODUCTICON.EXE
[2010.04.01 21:16:24 | 003,217,056 | ---- | M] (Dell Inc.) -- C:\Users\Venda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\quickset.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"WEBTRAN" =
"ABBYY Screenshot Reader Bonus" =
"" =
"KiesPreload" = D:\programy\telefon\Samsung\Kies\Kies.exe /preload -- [2014.02.14 22:55:18 | 001,564,992 | ---- | M] (Samsung)
"Google Update" = "C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013.02.08 10:48:34 | 000,136,176 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.04.21 08:54:24 | 000,000,512 | ---- | M] () MD5=D5870F1273100B7A2962A68D00FBD0C1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2001.08.15 01:31:08 | 000,030,054 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001.08.15 01:31:08 | 000,030,054 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001.08.15 01:31:08 | 000,030,054 | ---- | M] () -- \Users\Public\Documents\Autodesk\Inventor 2012\Textures\surfaces\Cracks.bmp
[2014.03.05 23:45:50 | 000,014,347 | ---- | M] () -- \Users\Venda\AppData\Roaming\uTorrent\Universal.Viewer.Pro.v6.4.5.0.Multilingual.Cracked-MAZE.torrent
[2014.02.06 16:11:50 | 015,030,722 | ---- | M] () -- \Users\Venda\Downloads\Connectify Hotspot and Dispatch PRO 7.2.1.29658 + Crack Final 2014.rar

< *keygen* /s >
[2014.02.05 22:32:09 | 003,927,040 | ---- | M] () -- \Users\Venda\Desktop\Connectify\Keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.09.25 05:39:16 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.02.15 09:37:04 | 002,592,768 | ---- | M] () -- \Program Files (x86)\Free FLV Converter\TubeDownloader.ocx
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 2510 series\bin\HelpViewer\Resources\Loader.gif
[2011.01.17 13:19:24 | 000,037,888 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\Extensions 2012\Loader\Autodesk.REX.Loader.dll
[2011.01.17 13:19:24 | 000,013,360 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\Extensions 2012\Loader\Autodesk.REX.Loader.tlb
[2010.06.24 00:08:48 | 000,034,500 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2010.06.24 00:08:48 | 000,034,500 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2011.03.02 12:45:10 | 000,053,408 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\195DD4F746619040000017707DF0D34B\16.0.16000\Autodesk.iLogic.AddinLoader.dll.28691BDE_1664_429C_B035_DB257F4DD720
[2011.03.02 12:45:30 | 000,047,776 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\195DD4F746619040000017707DF0D34B\16.0.16000\ClrAddinLoader.dll.DE6FF520_1664_4537_B911_8FF8D97370EB
[2010.06.24 00:08:48 | 000,034,500 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\F9165FFF96665CE48AE599497FA0E9D5\1.0.0\BusyLoader.ani
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.02.16 20:46:15 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.02.16 20:46:15 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.02.16 20:46:15 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.02.16 20:46:15 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.02.16 20:46:15 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2014.01.03 08:03:21 | 000,373,361 | R--- | M] () -- \Users\Venda\Desktop\zástupci\Connectify Activator [-=GOLDENSHARK=-].exe
[2013.12.31 00:24:13 | 000,921,600 | ---- | M] () -- \Windows\Onhax-temp\Connectiact\Connectify Activator.exe

< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.12 04:02:13 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.07.31 22:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2011.09.14 17:12:52 | 000,002,594 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R7\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2014.02.14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.12 04:02:54 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.09.20 11:53:30 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.09.20 11:53:30 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 17:05:04 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 13:29:26 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.14 17:01:00 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 13:33:06 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.02.13 22:53:25 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\48468935b4ab6a800d638092125e4178\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 22:53:25 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\48468935b4ab6a800d638092125e4178\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 22:53:47 | 002,786,816 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\25236561847891b46695b8df614dfa90\System.Runtime.Serialization.ni.dll
[2014.02.13 22:53:47 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\25236561847891b46695b8df614dfa90\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 00:18:24 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\2274c5ec38ec9aece46207d001b8129e\System.Xml.Serialization.ni.dll
[2014.02.14 00:18:24 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\2274c5ec38ec9aece46207d001b8129e\System.Xml.Serialization.ni.dll.aux
[2014.02.14 00:01:11 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\085a8ab1a81946ba9c5a437b56080f65\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 00:01:11 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\085a8ab1a81946ba9c5a437b56080f65\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.14 00:02:35 | 003,602,944 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\1dfcf477cc921dbe8f3b53786911988f\System.Runtime.Serialization.ni.dll
[2014.02.14 00:02:35 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\1dfcf477cc921dbe8f3b53786911988f\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 00:15:26 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\a93a6efe8bcbd496a47376ba24406986\System.Xml.Serialization.ni.dll
[2014.02.14 00:15:26 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\a93a6efe8bcbd496a47376ba24406986\System.Xml.Serialization.ni.dll.aux
[2014.02.05 23:08:42 | 002,785,280 | ---- | M] () -- \Windows\assembly\temp\QGCAKA5OFY\System.Runtime.Serialization.ni.dll
[2014.02.05 23:08:42 | 000,001,308 | ---- | M] () -- \Windows\assembly\temp\QGCAKA5OFY\System.Runtime.Serialization.ni.dll.aux
[2014.02.06 14:50:19 | 002,786,816 | ---- | M] () -- \Windows\assembly\temp\TIEXX7AS5S\System.Runtime.Serialization.ni.dll
[2014.02.06 14:50:18 | 000,001,308 | ---- | M] () -- \Windows\assembly\temp\TIEXX7AS5S\System.Runtime.Serialization.ni.dll.aux
[2012.07.09 01:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll.amd64
[2012.07.09 01:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll.x86
[2012.07.09 01:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll_gac_x86
[2011.03.02 12:45:34 | 000,038,560 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\195DD4F746619040000017707DF0D34B\16.0.16000\C.C.P.XmlSerializers.dll.FDCA56EC_1664_4557_B551_7C55B6CDA1FA
[2011.03.02 12:45:36 | 000,095,904 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\195DD4F746619040000017707DF0D34B\16.0.16000\C.C.XmlSerializers.dll.FDCA56EC_1664_4557_B551_7C55B6CDA1FA
[2011.03.02 12:45:36 | 000,016,032 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\195DD4F746619040000017707DF0D34B\16.0.16000\C.P.XmlSerializers.dll.FDCA56EC_1664_4557_B551_7C55B6CDA1FA
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.07.09 14:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.07.09 14:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.07.09 14:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.09.27 22:44:46 | 000,027,824 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.02.16 20:45:55 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.02.16 20:45:55 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 07:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 07:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 21.4.2014 8:52:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Venda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 43,42% Memory free
7,93 Gb Paging File | 5,51 Gb Available in Paging File | 69,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 7,66 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 25,81 Gb Free Space | 26,43% Space Free | Partition Type: NTFS
Drive F: | 309,51 Gb Total Space | 258,88 Gb Free Space | 83,64% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 37,63 Gb Free Space | 4,04% Space Free | Partition Type: NTFS

Computer Name: VENDA-PC | User Name: Venda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-470748899-3113019695-3459368386-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\programy\internet\Mozilla_Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\programy\Microsoft_Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\programy\video\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\programy\video\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\programy\Microsoft_Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\programy\video\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\programy\video\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08E90540-6676-47BA-AAB7-7C8447BA6D7A}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{1790090B-F029-4927-8C76-F4F2A60A15C1}" = rport=2869 | protocol=6 | dir=out | app=system |
"{18C7671F-77E2-4C74-8F08-C6750E0FF792}" = lport=2869 | protocol=6 | dir=in | app=system |
"{201A3841-2781-47E4-98F1-DE3BEEE3A2CC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{23A1BFDF-D186-4F98-96CE-0FB41B560B82}" = lport=139 | protocol=6 | dir=in | app=system |
"{27DF3D51-82BA-4A70-BEA0-EA7C641E2FF5}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{2BB35197-86EF-4316-A3FA-A7F561BA7EB1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D0E8837-8680-4933-80DC-78164C8FA585}" = lport=137 | protocol=17 | dir=in | app=system |
"{4964A8AB-E942-4E08-A7D3-73CC165979B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{500C9E4D-A343-47A0-ACF7-B3E211DA3F56}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{5C544196-4283-4539-87E7-873C1B864CC6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61CADFD1-29A5-4080-9E51-66E694F73913}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6841092E-0BDC-4DA5-8576-EE1B0D483EEF}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{6A3EE4FF-CAD0-4D98-AB3A-E22415A202CD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6D49CEBD-A4D7-4884-BE9B-F153A7AD7BD6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6FA47380-A0F1-468C-8F53-1DCBECF776C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75668BB6-BA99-4026-A1A4-DE64722354B0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7E338DA7-EFAF-4451-A111-98DE23910B0D}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{82615A36-F962-43F9-A35B-64495C2DE1D1}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{87C65A49-2A3E-416B-BA21-76D6C993D38F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B7B1C53-909F-45B0-A5E3-712B63C8AAB9}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{8C277038-DF4D-4488-AC03-07781E4BDA15}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97BC1AF9-85FA-40B1-A363-1B7917546635}" = rport=445 | protocol=6 | dir=out | app=system |
"{9F4CBB7B-FEB3-4917-9A2B-191DCCB33B5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{A8708481-E8FA-4AEA-89A9-4D2091F5F585}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AAA92217-BE15-441C-B9E3-ED31E266C9A4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C65F556D-3E16-4D03-8AF4-70260D159A81}" = lport=445 | protocol=6 | dir=in | app=system |
"{CC56B58D-7609-47B7-8B95-731C27DC5E40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCDDFF26-9534-4088-821C-69BCA53B2677}" = rport=139 | protocol=6 | dir=out | app=system |
"{DA802E26-4804-4FD1-AED2-5BD5E568B0D7}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{E3925C39-20CD-4998-A728-3A3E66BC224B}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{EB03B2B2-DEFC-4BBB-86C1-EBD79F7A5382}" = lport=138 | protocol=17 | dir=in | app=system |
"{F2DF15B3-2C09-420F-9211-11CB716DCD90}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F8AFE2A7-4F34-4E40-BEE4-3F1B1022B9D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDF43582-1A7B-44E0-B530-A95D5685B083}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E551D9-E3BC-4611-97DB-CFB26DAADCEE}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{04FB3EC4-04F6-4E90-BD05-00847D59E714}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{0E3E1C8F-13EA-4922-9060-F337FC965C94}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0F5BEDB2-684C-4F10-A7C6-11078AC2B9C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1427AAC9-F908-4478-8C0B-6DC1C40F7E0E}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpzwiz01.exe |
"{18DB7A71-310D-4DB0-AFCB-1775FDA629F3}" = protocol=17 | dir=in | app=d:\programy\stahovani\utorrent\utorrent.exe |
"{1AD95CB4-091E-4C33-9392-7D0365B150DC}" = dir=out | app=c:\windows\system32\svchost.exe |
"{202D5962-0CAC-474F-91BE-0DF619044983}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{20975AD0-5F6E-43B0-93FA-A19A289C6C5C}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpfccopy.exe |
"{23A93217-D50E-47A3-9EBE-DC8F4F78A663}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpoews01.exe |
"{24ABC928-52AC-4B57-894E-72EB04E42ACA}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqpsapp.exe |
"{24E96CF0-0F03-4A60-9A4E-576A198E3408}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{2919A54E-7033-4985-90C9-B408487B2877}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{29EEDB4B-2813-472A-B584-216284CDE1C5}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqste08.exe |
"{2B132481-AF98-4A89-9F80-77663D0F76A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D87758D-8897-48D3-B8D0-5A6DB7997C73}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqgplgtupl.exe |
"{385BBA45-4F5F-44A8-B2CF-E509D8750348}" = dir=in | app=d:\programy\tiskarna\hp\hp software update\hpwucli.exe |
"{3F4FBAFF-0A29-4A1A-9187-832EA8615470}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqusgm.exe |
"{439F9F32-8028-46B3-B1E0-A41E6783C4A2}" = protocol=17 | dir=in | app=d:\programy\internet\icq\icq7.7\icq.exe |
"{47702DA8-606E-4CAB-A896-6E0D13D5DB9E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4A319DB0-BF40-4E14-BE63-AADC66B890DD}" = protocol=6 | dir=in | app=d:\programy\video\vlc\vlc.exe |
"{4B9E46AB-39D4-4081-A04E-332F90A90503}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{4BBA6618-2BEF-49EA-B947-948FDFD7FB58}" = protocol=17 | dir=in | app=d:\programy\internet\icq\icq7.7\icq.exe |
"{55C26B31-182D-449C-8CD2-D00C355DFC94}" = protocol=6 | dir=out | app=system |
"{569F3452-598A-40C7-B4FC-0B650ED30648}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqsudi.exe |
"{5714EA24-DC95-4419-BC80-AD3BF8FE8B44}" = dir=in | app=c:\program files\hp\hp deskjet 2510 series\bin\usbsetup.exe |
"{59A35A70-6D3C-46A2-9C9A-ECE2CF0300D0}" = protocol=6 | dir=in | app=d:\programy\internet\icq\icq7.7\icq.exe |
"{5A204E0F-0A8A-42FB-B845-4C4C0325BFB8}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{5C343D12-127E-46DD-BCCD-22EC31F69107}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{65A47D01-B0A3-41F5-99D6-B7583F82635C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{66EF5C5C-8C1C-42F9-9D32-F3B0216EA0CB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6D40A154-2412-4BE7-914A-46F78AE7373F}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqfxt08.exe |
"{729445F6-972B-4003-BB2A-3A6EBA55BF4A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73B8869A-6EC0-4A21-B9B5-0E0BAB4C80AD}" = protocol=6 | dir=in | app=d:\programy\internet\icq\icq7.7\icq.exe |
"{798B6F85-5F5B-4CC0-97C8-C0751F93C1CD}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqkygrp.exe |
"{7C10AEC6-CAE1-4F01-A510-4FA7146CA8AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F660C20-210F-4192-91F7-1D7B59AF3F50}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpofxs08.exe |
"{871F8396-A906-412D-8E66-8F1BA14FEFEF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F13C9E6-D218-41CF-8D79-CF8A6B2DA9D9}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{9469E774-335C-486E-BDFF-797948FA032A}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpofxm08.exe |
"{98A77421-3B5C-423F-B35B-2E76C6C347CA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9D321705-B1DA-417A-A486-61EEF83F189E}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{9DC9469E-4FD5-4F65-AA3A-1CE3D6F87A9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A440DDED-5B70-45BB-8153-FD9270D44AFD}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqpse.exe |
"{A636966C-835C-40DB-AD39-56B64EAF92B7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A9CBA3B6-2E1D-4EA8-98C3-70A7FBBCFA46}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqgpc01.exe |
"{AFA5F1DA-D923-4078-88C1-FA23FB6EFAEF}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hposfx08.exe |
"{AFE3DD9F-2FB3-410F-BC8B-E4598EAEFFED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7022777-B439-4651-9366-32ADDCA8185C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B94EEADE-11BE-4579-9043-CFF95FD8D08B}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hposid01.exe |
"{BDBD6F25-4334-4731-8C19-77CE2D5AF686}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqusgh.exe |
"{BF05C383-5185-4C56-A942-02B96BB85CFE}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqcopy2.exe |
"{C2DE5D2A-B447-412F-A244-BBB881321B49}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C4BEC089-9775-4B4D-8424-9380AA12AEFB}" = protocol=6 | dir=in | app=d:\programy\stahovani\utorrent\utorrent.exe |
"{C6B4A6AE-0AB4-401D-AD19-3822DCE7E8CB}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpiscnapp.exe |
"{D6CB56AC-732E-41C9-92D2-EB1DD292D6A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D777D69E-F3E4-4CD3-84C7-E6C0F2D465CF}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqnrs08.exe |
"{D7B9AE8F-B0EC-45BA-94B9-F927C1820188}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8C66F93-1DE4-41BE-BD02-F0342B1C6298}" = dir=in | app=d:\programy\tiskarna\hp\digital imaging\bin\hpqtra08.exe |
"{E25D5C0D-00CA-4DBF-8580-840C5BFB23F3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E358997F-AF67-4E23-9310-A6D9A48BD879}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E7E32C03-35E1-4B62-8132-BC55D94C66E9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA4FE368-F0FA-481A-8DE8-FBB3CE6AEC8A}" = protocol=17 | dir=in | app=d:\programy\video\vlc\vlc.exe |
"{FF5D5881-C25F-4411-9FCE-481D3BF584E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{A719113D-1470-48AB-A62F-4B61162695D4}D:\programy\video\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\programy\video\vlc\vlc.exe |
"UDP Query User{6C3DDB8F-5299-46C1-93A7-4E5ABCC90FB5}D:\programy\video\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\programy\video\vlc\vlc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{293CC68A-32BA-4BA4-84BD-0DCF6583566F}" = HP Deskjet 2510 series Basic Device Software
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}" = Jazykový balíček doplňku Autodesk Inventor Fusion pro aplikaci Inventor 2012
"{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}" = Doplněk Autodesk Inventor Fusion pro aplikaci Inventor 2012
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 – Čeština (Czech)
"{5783F2D7-D001-0405-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Čeština (Czech)
"{5783F2D7-D001-0405-2102-0060B0CE6BBA}" = AutoCAD 2014 – Čeština (Czech)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{7F4DD591-1664-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2012
"{7F4DD591-1664-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2012 Jazykový balíček – čeština
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B46DECD1-1664-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2012 (Desktop Content)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D25FF5C1-1664-469A-9794-69309387C193}" = Quick Uninstall Tool for Autodesk Inventor 2012
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}" = Eco Materials Adviser (x64)
"{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Jazykový balíček Autodesk Inventor Fusion 2012
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"AutoCAD 2014 – Čeština (Czech)" = Autodesk AutoCAD 2014 – Čeština (Czech)
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Professional 2012" = Autodesk Inventor Professional 2012 Čeština
"Autodesk Inventor Professional 2012 SP1" = Autodesk Inventor Professional 2012 SP1
"Autodesk ReCap" = Autodesk ReCap
"Connectify" = Connectify
"Defraggler" = Defraggler
"Doplněk Autodesk Inventor Fusion pro aplikaci Inventor 2012" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"SynTPDeinstKey" = Dell Touchpad
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.10 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 51
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISER_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB49B376-1136-44B4-83FA-036334B59937}" = OLYMPUS Master 2
"{CCA78313-443C-4674-81B8-88919D137258}" = Autodesk Download Manager
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDDE47E5-C711-4D17-9FA6-E3D7C340192A}" = OLYMPUS muvee theaterPack
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5663E7F-79CA-4022-8B39-D855A4E0BF58}" = Manažer napájení
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Atf" = Atf Profi
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Inventor Fusion 2012 SP3" = Autodesk Inventor Fusion 2012 SP3
"avast" = avast! Free Antivirus
"B521582C-6BE3-491D-BCC8-FFB8301298E9_is1" = Foxit Advanced PDF Editor 3
"BSPlayerf" = BS.Player FREE
"Call of Duty" = Call of Duty
"CoD 2 čeština_is1" = CoD 2 čeština
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.5
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dxtory2.0_is1" = Dxtory version 2.0.126
"EAX Unified" = EAX Unified
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EXCELdoplnky_is1" = EXCELdoplnky
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"Free MP3 Cutter and Editor_is1" = Free MP3 Cutter and Editor 2.6
"Free Mp3/Wma/Ogg Converter_is1" = Free Mp3/Wma/Ogg Converter 3.6
"GameParkClient_is1" = GamePark
"HD Tune_is1" = HD Tune 2.50
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Mafia" = Mafia
"Mafia Game" = Mafia Game
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"Nokia Suite" = Nokia Suite
"PunkBusterSvc" = PunkBuster Services
"SmartMaps Router - Cyklomapa ČR_is1" = SmartMaps Router - Cyklomapa ČR 1.6.4.7
"StrongDC++" = StrongDC++ 2.41
"TIMELEFT3_is1" = TimeLeft
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"XnView_is1" = XnView 1.98.8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-470748899-3113019695-3459368386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{685A89CB-DF27-42D6-A623-34F40DBBFFB2}" = Origin90
"Aspell6-Dictionary-cs" = Aspell 0.6 Dictionary (Language: cs)
"Google Chrome" = Google Chrome
"Zlatá udice 2012" = Zlatá udice 2012

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.3.2014 16:47:24 | Computer Name = Venda-PC | Source = Application Hang | ID = 1002
Description = Program TOTALCMD64.EXE verze 8.0.0.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
17d4 Čas spuštění: 01cf3ca1cda27da0 Čas ukončení: 16 Cesta k aplikaci: D:\programy\systemove_programy\totalcmd\TOTALCMD64.EXE

ID
hlášení: 2d08a783-a895-11e3-928e-0026b9080b74

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = ESENT | ID = 455
Description = Windows (3784) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00185.log
došlo k chybě -1811.

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 25.3.2014 12:07:12 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 25.3.2014 12:07:20 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 25.3.2014 12:07:20 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 25.3.2014 12:07:20 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 25.3.2014 12:07:20 | Computer Name = Venda-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 19.4.2014 7:41:40 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 19.4.2014 7:41:41 | Computer Name = Venda-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 19.4.2014 7:41:41 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.4.2014 15:37:43 | Computer Name = Venda-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.4.2014 15:37:43 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.4.2014 15:37:44 | Computer Name = Venda-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 20.4.2014 15:37:44 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 20.4.2014 18:09:35 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 21.4.2014 1:28:22 | Computer Name = Venda-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 21.4.2014 1:28:22 | Computer Name = Venda-PC | Source = atikmdag | ID = 43029
Description = Display is not active


< End of report >

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 50306 bytes
->Temporary Internet Files folder emptied: 49248 bytes
->FireFox cache emptied: 12805770 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Venda
->Temp folder emptied: 1771387 bytes
->Temporary Internet Files folder emptied: 5928 bytes
->Java cache emptied: 164339 bytes
->FireFox cache emptied: 385424571 bytes
->Google Chrome cache emptied: 6082471 bytes
->Flash cache emptied: 3478 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 587949 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 388,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest

User: Public

User: Venda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-470748899-3113019695-3459368386-1000UA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-470748899-3113019695-3459368386-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "" removed from browser.search.order.1
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr-cjkt
Registry value HKEY_USERS\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus deleted successfully.
Registry value HKEY_USERS\S-1-5-21-470748899-3113019695-3459368386-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1515.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC469.tmp folder deleted successfully.
C:\Windows\Installer\MSI9D43.tmp deleted successfully.
C:\Windows\Installer\MSIE7A6.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dxtory Update Checker 2.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ElsoftTray.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04212014_165459

Files\Folders moved on Reboot...
C:\Users\Venda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Venda\AppData\Local\Temp\SafeQClientUI.log moved successfully.
C:\Users\Venda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...