
Request for an RSIT log check - Non-standard laptop behavior

Posted: 03 May 2014 22:48
by Moodys
Hello,

I would kindly ask for a check of my log. Lately my laptop has been acting up quite a bit: Flash crashes fairly often, some "unknown plugin" keeps having stopped responding, and on top of that, even though I am connected over Wi-Fi, the notification area shows it as if I were connected by cable, Aero switches itself off on its own, and similar troubles. I ran an antivirus scan but it found nothing, so I don't know what could be causing it.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Moody at 2014-05-03 23:47:09
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 14 GB (18%) free of 80 GB
Total RAM: 2038 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:47:44, on 3.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\program files\trillian\plugins\skypekit.exe
C:\Program Files\SmartCam\SmartCam.exe
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Moody\Downloads\RSIT.exe
C:\Program Files\trend micro\Moody.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vbvsearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Moody\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: RzKLService - Razer Inc. - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 6639 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-01-13 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-09 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-07-18 995184]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Moody\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-27 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nusbantivirus]
C:\Program Files\Naevius USB Antivirus\usbantivirus.exe [2009-08-19 1956864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Moody\AppData\Roaming\uTorrent\utorrent.exe [2013-10-06 1141328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
C:\Program Files\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe [2010-12-08 241757]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\prwntdrv]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-03 23:39:07 ----D---- C:\Program Files\trend micro
2014-05-03 23:39:03 ----D---- C:\rsit
2014-04-29 12:53:40 ----D---- C:\Program Files\SmartCam
2014-04-22 13:28:54 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2014-05-03 23:39:07 ----RD---- C:\Program Files
2014-05-03 23:38:41 ----D---- C:\Windows\Temp
2014-05-03 14:50:01 ----D---- C:\Windows\Prefetch
2014-05-03 12:13:28 ----D---- C:\Windows\system32\config
2014-05-02 11:07:09 ----SHD---- C:\System Volume Information
2014-04-29 14:11:19 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 14:06:40 ----D---- C:\Windows\System32
2014-04-28 20:54:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-28 11:50:23 ----D---- C:\ProgramData\firebird
2014-04-27 20:16:22 ----SHD---- C:\Windows\Installer
2014-04-27 20:15:58 ----D---- C:\Windows\Tasks
2014-04-27 20:15:58 ----D---- C:\Windows\system32\Tasks
2014-04-21 21:17:26 ----D---- C:\Windows\system32\drivers
2014-04-21 21:17:25 ----D---- C:\Windows\inf
2014-04-20 22:20:43 ----D---- C:\Windows
2014-04-20 20:27:08 ----D---- C:\Users\Moody\AppData\Roaming\inkscape
2014-04-20 20:27:04 ----D---- C:\Users\Moody\AppData\Roaming\uTorrent
2014-04-19 10:28:32 ----D---- C:\Users\Moody\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 30616]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2013-07-02 3200000]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 29696]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2012-03-02 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2012-03-02 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2012-03-02 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2012-03-02 25088]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys [2012-07-03 23040]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps.sys [2012-07-03 22272]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys [2012-07-03 27776]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis.sys [2012-07-04 73728]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2012-03-02 25728]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102912]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
S3 OAfilt;OAfilt; C:\Windows\system32\drivers\OAfilt.sys [2011-07-15 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 PortTalk;PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [2009-01-18 3567]
S3 prwntdrv;prwntdrv; \??\C:\Windows\system32\prwntdrv.sys [2010-08-25 13704]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-07-18 22216]
R2 RzKLService;RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [2013-09-18 106472]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-07-18 295376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-20 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-09-20 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-09-20 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-20 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Request for an RSIT log check - Non-standard laptop behavior

Posted: 04 May 2014 07:30
by Márty84
Hello :)

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the options (put check marks there) For all users, "LOP" malware check and "Purity" malware check
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Request for an RSIT log check - Non-standard laptop behavior

Posted: 04 May 2014 09:01
by Moodys
OTL logfile created on: 4.5.2014 8:33:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moody\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 23,56% Memory free
3,98 Gb Paging File | 2,00 Gb Available in Paging File | 50,27% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,58 Gb Total Space | 13,81 Gb Free Space | 17,57% Space Free | Partition Type: NTFS
Drive D: | 5,85 Gb Total Space | 0,92 Gb Free Space | 15,76% Space Free | Partition Type: FAT32

Computer Name: MOODY-PC | User Name: Moody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.04 08:31:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moody\Desktop\OTL.exe
PRC - [2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.02.17 15:09:48 | 004,915,040 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.09.18 13:51:02 | 000,106,472 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
PRC - [2013.07.18 16:49:42 | 000,312,512 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013.07.18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013.07.18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.07.18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.06.13 00:00:00 | 005,306,880 | ---- | M] () -- c:\Program Files\Trillian\plugins\skypekit.exe
PRC - [2013.06.13 00:00:00 | 002,606,448 | ---- | M] (Cerulean Studios) -- C:\Program Files\Trillian\trillian.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.02.12 04:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.09.18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009.01.27 12:40:36 | 000,249,856 | ---- | M] () -- C:\Program Files\SmartCam\SmartCam.exe


========== Modules (No Company Name) ==========

MOD - [2014.04.24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014.04.24 02:33:12 | 013,692,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014.04.24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014.04.24 02:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014.04.24 02:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014.04.24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014.04.24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013.06.13 00:00:00 | 005,306,880 | ---- | M] () -- c:\Program Files\Trillian\plugins\skypekit.exe
MOD - [2013.06.13 00:00:00 | 000,187,392 | ---- | M] () -- C:\Program Files\Trillian\libpng15.dll
MOD - [2013.06.13 00:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files\Trillian\libungif.dll
MOD - [2013.06.13 00:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Trillian\zlib1.dll
MOD - [2012.11.28 09:21:36 | 000,005,120 | ---- | M] () -- c:\Users\Moody\AppData\Roaming\Trillian\languages\cs\trillian.dll
MOD - [2012.11.28 09:21:36 | 000,002,048 | ---- | M] () -- c:\Users\Moody\AppData\Roaming\Trillian\languages\cs\toolkit.dll
MOD - [2012.11.28 09:21:34 | 000,009,728 | ---- | M] () -- c:\Users\Moody\AppData\Roaming\Trillian\languages\cs\buddy.dll
MOD - [2012.11.28 09:21:34 | 000,007,168 | ---- | M] () -- c:\Users\Moody\AppData\Roaming\Trillian\languages\cs\events.dll
MOD - [2012.11.28 09:21:34 | 000,006,144 | ---- | M] () -- c:\Users\Moody\AppData\Roaming\Trillian\languages\cs\talk.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.01.27 12:40:36 | 000,249,856 | ---- | M] () -- C:\Program Files\SmartCam\SmartCam.exe
MOD - [2009.01.27 12:40:34 | 000,364,544 | ---- | M] () -- C:\Program Files\SmartCam\SmartCamFilter.ax


========== Services (SafeList) ==========

SRV - [2014.04.29 14:11:20 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.17 15:09:48 | 004,915,040 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.09.20 15:17:01 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013.09.20 14:28:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013.09.18 13:51:02 | 000,106,472 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013.07.18 16:49:42 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.07.18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.02.12 04:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.09.18 18:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2013.09.30 16:26:46 | 000,015,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2013.09.30 16:26:44 | 000,010,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2013.07.02 10:00:00 | 003,200,000 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2013.06.18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.07.04 14:47:00 | 000,073,728 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2012.07.03 12:43:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2012.07.03 12:43:00 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2012.07.03 12:43:00 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetgps.sys -- (AndNetGps)
DRV - [2012.03.02 17:02:00 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandadb.sys -- (androidusb)
DRV - [2012.03.02 17:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 17:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 17:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 17:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2011.07.15 06:12:57 | 000,018,944 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OAfilt.sys -- (OAfilt)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.25 19:39:00 | 000,013,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\prwntdrv.sys -- (prwntdrv)
DRV - [2009.09.29 09:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 09:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 09:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.07.23 12:57:22 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 12:57:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 12:57:22 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.01.18 19:19:10 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\porttalk.sys -- (PortTalk)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4195469608-1116802251-820429967-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.vbvsearch.com/
IE - HKU\S-1-5-21-4195469608-1116802251-820429967-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 A0 09 94 7C B5 CE 01 [binary data]
IE - HKU\S-1-5-21-4195469608-1116802251-820429967-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4195469608-1116802251-820429967-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4195469608-1116802251-820429967-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Moody\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Disabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Picasa (Disabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Moody\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll
CHR - Extension: YouTube = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kalendář Google = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Stylish = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2.2_0\
CHR - Extension: AdBlock = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\
CHR - Extension: Peněženka Google = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.03.05 14:38:52 | 000,001,339 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FC8C69F-84FB-46F0-80BA-9F5F00E840C7}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EE150D6-A599-48BC-B6B3-217A2F351DCF}: DhcpNameServer = 93.153.117.1 93.153.117.33
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.10.28 02:24:10 | 000,000,000 | ---D | M] - D:\AUTORUN -- [ FAT32 ]
O33 - MountPoints2\{d6fc89c2-5e94-11e3-9de5-001d721584c0}\Shell - "" = AutoRun
O33 - MountPoints2\{d6fc89c2-5e94-11e3-9de5-001d721584c0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d6fc8a18-5e94-11e3-9de5-001d721584c0}\Shell - "" = AutoRun
O33 - MountPoints2\{d6fc8a18-5e94-11e3-9de5-001d721584c0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.04 08:32:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moody\Desktop\OTL.exe
[2014.05.04 00:17:24 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.05.04 00:15:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.03 23:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.05.03 23:39:03 | 000,000,000 | ---D | C] -- C:\rsit
[2014.05.02 14:02:47 | 000,000,000 | ---D | C] -- C:\Users\Moody\Desktop\Kladno
[2014.04.29 12:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartCam
[2014.04.29 12:53:41 | 000,000,000 | ---D | C] -- C:\Users\Moody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartCam
[2014.04.29 12:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\SmartCam
[2014.04.27 20:41:12 | 000,000,000 | -H-D | C] -- C:\Users\Moody\Desktop\.picasaoriginals
[2014.04.27 20:15:52 | 000,000,000 | ---D | C] -- C:\Users\Moody\AppData\Local\Facebook

========== Files - Modified Within 30 Days ==========

[2014.05.04 08:38:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.04 08:31:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moody\Desktop\OTL.exe
[2014.05.04 07:59:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.04 07:47:38 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.04 07:47:38 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.04 07:39:57 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.04 07:38:52 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000UA.job
[2014.05.04 07:38:52 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000Core.job
[2014.05.04 07:38:52 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.04 07:38:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.04 07:38:20 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.04 00:15:08 | 001,310,621 | ---- | M] () -- C:\Users\Moody\Desktop\adwcleaner.exe
[2014.05.03 16:15:58 | 002,211,385 | ---- | M] () -- C:\Users\Moody\Desktop\PB150074.JPG
[2014.05.03 16:05:08 | 008,340,157 | ---- | M] () -- C:\Users\Moody\Desktop\P1270011.JPG
[2014.04.30 15:46:41 | 000,321,070 | ---- | M] () -- C:\Users\Moody\Desktop\DSC_3286 [1600x1200].JPG
[2014.04.29 14:11:19 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.04.29 14:11:19 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.04.28 20:54:16 | 001,120,850 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.04.28 20:54:16 | 001,113,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.04.28 20:54:16 | 000,297,256 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.04.28 20:54:16 | 000,277,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.04.28 20:42:45 | 000,505,827 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140428_203952.jpg
[2014.04.28 11:19:16 | 000,304,044 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140428_111508.jpg
[2014.04.27 20:41:36 | 000,845,465 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140423_182826.jpg
[2014.04.27 11:45:24 | 000,299,851 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140426_134539-maly.jpg
[2014.04.27 11:39:30 | 000,346,035 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140426_143311 maly.jpg
[2014.04.27 11:36:06 | 000,808,967 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140426_134539.jpg
[2014.04.27 11:31:53 | 001,152,748 | ---- | M] () -- C:\Users\Moody\Desktop\IMG_20140426_143311.jpg
[2014.04.23 11:59:23 | 000,911,772 | ---- | M] () -- C:\Users\Moody\Desktop\aim_cenikvoipnew_2012.pdf
[2014.04.23 11:58:19 | 000,230,066 | ---- | M] () -- C:\Users\Moody\Desktop\aim_cenik_fibernet_1_2014.pdf
[2014.04.23 11:35:06 | 000,412,218 | ---- | M] () -- C:\Users\Moody\Desktop\aim_cenik_balicek_4_2014.pdf
[2014.04.23 11:31:17 | 000,167,743 | ---- | M] () -- C:\Users\Moody\Desktop\aim_cenikostatni_1_2014.pdf
[2014.04.22 13:29:59 | 000,409,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2014.05.04 08:38:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.05.04 00:14:24 | 001,310,621 | ---- | C] () -- C:\Users\Moody\Desktop\adwcleaner.exe
[2014.05.03 16:15:58 | 002,211,385 | ---- | C] () -- C:\Users\Moody\Desktop\PB150074.JPG
[2014.05.03 16:04:52 | 008,340,157 | ---- | C] () -- C:\Users\Moody\Desktop\P1270011.JPG
[2014.04.30 15:46:33 | 000,321,070 | ---- | C] () -- C:\Users\Moody\Desktop\DSC_3286 [1600x1200].JPG
[2014.04.28 20:42:40 | 000,505,827 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140428_203952.jpg
[2014.04.28 11:19:16 | 000,304,044 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140428_111508.jpg
[2014.04.27 20:41:36 | 000,845,465 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140423_182826.jpg
[2014.04.27 20:15:58 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000UA.job
[2014.04.27 20:15:56 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000Core.job
[2014.04.27 11:45:24 | 000,299,851 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140426_134539-maly.jpg
[2014.04.27 11:39:28 | 000,346,035 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140426_143311 maly.jpg
[2014.04.27 11:36:03 | 000,808,967 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140426_134539.jpg
[2014.04.27 11:31:51 | 001,152,748 | ---- | C] () -- C:\Users\Moody\Desktop\IMG_20140426_143311.jpg
[2014.04.23 11:59:23 | 000,911,772 | ---- | C] () -- C:\Users\Moody\Desktop\aim_cenikvoipnew_2012.pdf
[2014.04.23 11:58:18 | 000,230,066 | ---- | C] () -- C:\Users\Moody\Desktop\aim_cenik_fibernet_1_2014.pdf
[2014.04.23 11:35:02 | 000,412,218 | ---- | C] () -- C:\Users\Moody\Desktop\aim_cenik_balicek_4_2014.pdf
[2014.04.23 11:30:51 | 000,167,743 | ---- | C] () -- C:\Users\Moody\Desktop\aim_cenikostatni_1_2014.pdf
[2014.04.22 13:28:54 | 000,409,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.03.05 15:05:54 | 000,002,347 | ---- | C] () -- C:\Users\Moody\AppData\Local\recently-used.xbel
[2014.02.13 10:16:07 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2014.02.13 10:16:07 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2014.01.12 11:43:26 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2014.01.10 22:54:40 | 000,053,248 | ---- | C] () -- C:\Windows\unrar.dll
[2013.12.01 20:52:05 | 000,000,000 | ---- | C] () -- C:\Users\Moody\AppData\Roaming\FileOut.cns
[2013.12.01 20:52:05 | 000,000,000 | ---- | C] () -- C:\Users\Moody\AppData\Roaming\FileIn.cns
[2013.11.18 14:14:21 | 000,000,037 | -HS- | C] () -- C:\Users\Moody\AppData\Local\70149b02515b3bb20dd492.47983420
[2013.11.05 17:52:11 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.11.04 23:28:10 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2013.11.04 23:28:07 | 001,120,850 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2013.11.04 23:28:07 | 000,297,256 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2013.11.04 23:28:07 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2013.11.04 22:36:47 | 000,214,944 | ---- | C] () -- C:\Users\Moody\drawing.pdf
[2013.10.13 18:56:55 | 000,005,632 | ---- | C] () -- C:\Users\Moody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.01 18:18:24 | 002,881,848 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2013.10.01 18:18:21 | 000,015,688 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2013.10.01 18:18:12 | 000,010,320 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2013.09.24 10:06:57 | 000,099,400 | ---- | C] () -- C:\Windows\System32\setupprwdrv03.exe
[2013.09.24 10:06:56 | 000,013,704 | ---- | C] () -- C:\Windows\System32\prwntdrv.sys
[2013.09.20 14:29:14 | 000,001,121 | ---- | C] () -- C:\Windows\SB1260.ini
[2013.09.20 14:29:14 | 000,000,917 | ---- | C] () -- C:\Windows\OAcfg.ini
[2013.09.20 14:29:14 | 000,000,632 | ---- | C] () -- C:\Windows\SB1260L.ini
[2013.09.20 14:29:12 | 000,246,272 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2013.09.20 14:29:12 | 000,074,240 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2013.09.20 14:14:13 | 000,025,495 | ---- | C] () -- C:\Windows\System32\ctOA.ini
[2009.08.28 15:16:16 | 000,130,238 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Moody\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.24 13:04:48 | 000,000,000 | ---D | M] -- C:\Users\Ali\AppData\Roaming\inkscape
[2013.12.06 22:53:31 | 000,000,000 | ---D | M] -- C:\Users\Ali\AppData\Roaming\Vodafone
[2013.11.04 23:12:09 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.12.12 20:39:21 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Exec
[2014.04.20 20:27:08 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\inkscape
[2014.01.05 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\PDAppFlex
[2013.10.10 02:36:21 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Seznam.cz
[2014.03.02 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\TeamViewer
[2013.10.14 08:23:16 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Trillian
[2014.04.20 20:27:04 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\uTorrent
[2013.12.06 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Vodafone

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,618 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.09.20 00:25:53 | 000,000,880 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.20 00:26:08 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.20 00:29:25 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.27 20:15:56 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000Core.job
[2014.04.27 20:15:58 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4195469608-1116802251-820429967-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\System32\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2010.11.20 23:29:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012.06.02 06:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 23:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 23:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

< MD5 for: NVRAID.SYS >
[2010.11.20 23:29:03 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\drivers\nvraid.sys
[2010.11.20 23:29:03 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 23:29:03 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2013.07.08 05:02:28 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=634E0B45780F502304592C5615A31089 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_ae8fb42390bda114\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\System32\smss.exe
[2013.03.19 04:49:16 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=DE91DCC7BC55E940979097E98F743205 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_ae40f33e7774c473\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\System32\drivers\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 23:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 23:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\09434611e2c1c9b284f7a33fa7424554\*.tmp files -> C:\Windows\SoftwareDistribution\Download\09434611e2c1c9b284f7a33fa7424554\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\983666b5b57fc41b1757a7d01bf00a46\*.tmp files -> C:\Windows\SoftwareDistribution\Download\983666b5b57fc41b1757a7d01bf00a46\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9a351d8a2ec596b81bd2f58d82b06bc0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9a351d8a2ec596b81bd2f58d82b06bc0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a6b5a940937e70ffe1c0e72340e997e0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a6b5a940937e70ffe1c0e72340e997e0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ad0b9a3c86ba0ba8dddd5f81d3f65003\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ad0b9a3c86ba0ba8dddd5f81d3f65003\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b90efc167e2183e42fb163ddc4ae663c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b90efc167e2183e42fb163ddc4ae663c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c359c1ecdcb445ac77a5f6d3a92c788f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c359c1ecdcb445ac77a5f6d3a92c788f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ce401b745051a74a5830026bdfc308be\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ce401b745051a74a5830026bdfc308be\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f3af371881bc1658bdc7d909ed0227f8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f3af371881bc1658bdc7d909ed0227f8\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.17 14:11:00 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\.clamwin
[2013.11.05 19:22:55 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Adobe
[2013.11.04 23:12:09 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.11.13 22:26:42 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\dvdcss
[2013.10.06 21:34:46 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\ESTsoft
[2013.12.12 20:39:21 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Exec
[2013.12.06 18:57:57 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\FLEXnet
[2013.09.20 08:07:07 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Identities
[2014.04.20 20:27:08 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\inkscape
[2013.09.20 00:29:33 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Macromedia
[2010.11.21 02:46:50 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Media Center Programs
[2014.01.21 13:51:31 | 000,000,000 | --SD | M] -- C:\Users\Moody\AppData\Roaming\Microsoft
[2014.01.05 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\PDAppFlex
[2013.10.10 02:36:21 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Seznam.cz
[2014.03.02 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\TeamViewer
[2013.10.14 08:23:16 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Trillian
[2014.04.20 20:27:04 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\uTorrent
[2014.04.19 10:28:32 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\vlc
[2013.12.06 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Moody\AppData\Roaming\Vodafone

< %APPDATA%\*.exe /s >
[2002.08.29 19:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Moody\AppData\Roaming\MafiaSetup.exe
[2013.11.04 23:09:40 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Moody\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014.01.09 01:24:28 | 000,071,894 | R--- | M] () -- C:\Users\Moody\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014.01.01 13:05:20 | 000,071,894 | R--- | M] () -- C:\Users\Moody\AppData\Roaming\Microsoft\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2013.10.06 10:00:00 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Moody\AppData\Roaming\uTorrent\utorrent.exe
[2013.10.06 10:00:00 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Moody\AppData\Roaming\uTorrent\updates\3.3.2_30180.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.05.04 07:47:38 | 000,026,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.04 07:47:38 | 000,026,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.05.04 08:38:52 | 000,000,512 | ---- | M] () MD5=2D00A54F3811C60743F2C31B89E88AE1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.12.19 12:46:24 | 000,042,504 | ---- | M] () -- \Fotky a obrázky\TRIP´s\Trip to Cieszyn\cracked_screen_400x300.jpg
[2010.05.29 22:41:56 | 000,114,899 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2014.02.21 20:05:27 | 000,003,072 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2014.02.21 20:05:27 | 000,003,608 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
[2013.11.05 11:53:03 | 000,013,215 | ---- | M] () -- \Users\Moody\AppData\Roaming\uTorrent\Adobe.Acrobat.XI.Pro.v11.0.2.Multilingual.Cracked.torrent
[2013.10.11 14:30:41 | 000,013,979 | ---- | M] () -- \Users\Moody\AppData\Roaming\uTorrent\Postal 2 Share the Pain + Crack + Patch.zip.torrent
[2013.12.05 21:56:53 | 000,051,148 | ---- | M] () -- \Users\Moody\Documents\Članky a texty\Aircrack.docx
[2013.01.26 00:47:12 | 007,088,737 | ---- | M] () -- \Users\Moody\Music\Písničky\Haftbefehl - Blockplatin\112-haftbefehl-crackfurt-noir.mp3

< *keygen* /s >
[2013.10.09 12:30:20 | 000,012,429 | ---- | M] () -- \Users\Moody\AppData\Roaming\uTorrent\Acronis Disk Director Suite 10.0.2239.keygen+serials.torrent

< *AntiWPA* /s >

< *loader* /s >
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.11.21 17:01:24 | 000,633,928 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\bin\EprDrwLoader.exe
[2010.07.15 08:45:26 | 000,003,614 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.07.15 08:44:50 | 000,028,560 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.07.15 08:44:50 | 000,027,492 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.07.15 08:44:50 | 000,041,827 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.07.15 08:44:50 | 000,020,750 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.07.15 08:44:50 | 000,027,004 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.07.15 08:44:50 | 000,033,364 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.07.15 08:44:50 | 000,021,329 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.07.15 08:44:50 | 000,035,326 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.07.15 08:44:50 | 000,023,528 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.07.15 08:44:50 | 000,018,354 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.07.15 08:44:50 | 000,023,858 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.07.15 08:44:50 | 000,028,334 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.07.15 08:44:50 | 000,017,895 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.07.15 08:44:50 | 000,023,851 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.07.15 08:44:50 | 000,041,060 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.07.15 08:44:50 | 000,007,168 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2012.11.07 13:10:22 | 000,065,974 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Recovery 5.6.1\res\loader_bg.png
[2014.01.06 20:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.01.06 20:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.01.06 20:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014.01.06 20:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014.01.06 20:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.01.06 20:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.01.06 20:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014.01.06 20:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.01.06 20:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.01.06 20:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.01.06 20:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.01.06 20:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.01.06 20:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 20:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2010.03.06 10:24:56 | 000,003,614 | ---- | M] () -- \Program Files\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 10:24:56 | 000,030,804 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 10:24:56 | 000,027,898 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 10:24:56 | 000,042,058 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 10:24:56 | 000,023,145 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 10:24:56 | 000,028,692 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 10:24:56 | 000,034,496 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 10:24:56 | 000,022,435 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 10:24:56 | 000,036,528 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 10:24:56 | 000,026,252 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 10:24:56 | 000,020,063 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 10:24:56 | 000,024,412 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 10:24:56 | 000,029,401 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 10:24:56 | 000,019,399 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 10:24:56 | 000,025,270 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 10:24:56 | 000,042,114 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 10:24:56 | 000,018,909 | ---- | M] () -- \Program Files\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 11:41:40 | 000,032,958 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 11:41:40 | 000,001,847 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 11:41:40 | 000,057,685 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 11:41:40 | 000,029,336 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 11:41:40 | 000,001,341 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 11:41:40 | 000,028,643 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 11:41:40 | 000,055,918 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 11:41:40 | 000,038,308 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 11:41:40 | 000,001,949 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 11:41:40 | 000,007,779 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 11:41:40 | 000,017,301 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 11:41:40 | 000,015,416 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 11:41:40 | 000,015,832 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 11:41:40 | 000,038,937 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 11:41:40 | 000,014,300 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 11:41:40 | 000,017,550 | ---- | M] () -- \Program Files\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2001.05.08 04:43:30 | 000,010,617 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\Breclav - Praha\SHAPES\US2Loader.s
[2006.10.09 14:36:55 | 000,001,286 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\Breclav - Praha\SHAPES\US2Loader.sd
[2001.05.08 03:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\Breclav - Praha\TEXTURES\US2Loader.ace
[2001.05.08 03:46:12 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\Breclav - Praha\TEXTURES\Snow\US2Loader.ace
[2001.05.08 03:43:30 | 000,010,617 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.s
[2001.05.08 03:43:30 | 000,001,286 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.sd
[2001.05.08 03:43:32 | 000,016,734 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader1.s
[2001.05.08 03:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader.ace
[2001.05.08 03:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader1.ace
[2001.05.08 03:46:12 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\Snow\US2Loader.ace
[2014.01.11 16:19:33 | 000,000,980 | ---- | M] () -- \Program Files\Outbreak\LoadErr.log
[2013.02.19 12:07:28 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2013.12.18 18:25:28 | 003,244,032 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,790 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2013.12.18 18:19:08 | 000,000,723 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2013.12.18 18:19:08 | 000,000,694 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2013.12.18 18:19:08 | 000,171,541 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,002,283 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2013.12.18 18:19:08 | 000,001,417 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2013.12.18 18:19:08 | 000,002,109 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2013.12.18 18:19:08 | 000,000,956 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2013.12.18 18:19:08 | 000,001,080 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Users\Ali\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2013.12.22 10:25:48 | 000,071,894 | R--- | M] () -- \Users\Ali\AppData\Roaming\Microsoft\Installer\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}\GPUploader.exe
[2014.04.29 14:10:33 | 000,000,723 | ---- | M] () -- \Users\Moody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FVT2HW\downloaderror[1].js
[2014.04.29 14:10:33 | 000,001,174 | ---- | M] () -- \Users\Moody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7FVT2HW\downloader[1].js
[2014.01.06 11:52:30 | 003,244,032 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014.01.06 11:47:04 | 000,000,702 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014.01.06 11:47:04 | 000,000,790 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014.01.06 11:47:04 | 000,000,723 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014.01.06 11:47:04 | 000,000,694 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014.01.06 11:47:06 | 000,171,541 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014.01.06 11:47:06 | 000,000,634 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014.01.06 11:47:06 | 000,002,283 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014.01.06 11:47:06 | 000,001,417 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014.01.06 11:47:06 | 000,002,109 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014.01.06 11:47:06 | 000,000,956 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014.01.06 11:47:06 | 000,001,080 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014.01.06 11:47:06 | 000,001,139 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 11:47:06 | 000,002,181 | ---- | M] () -- \Users\Moody\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014.01.11 00:28:06 | 000,135,595 | ---- | M] () -- \Users\Moody\AppData\Local\VirtualStore\Program Files\Outbreak\LoadErr.log
[2014.01.09 01:24:28 | 000,071,894 | R--- | M] () -- \Users\Moody\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014.01.01 13:05:20 | 000,071,894 | R--- | M] () -- \Users\Moody\AppData\Roaming\Microsoft\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2013.10.09 12:08:14 | 000,000,165 | ---- | M] () -- \Users\Moody\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.02.19 12:07:28 | 000,030,608 | ---- | M] () -- \Users\Moody\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.01.29 04:11:28 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2013.11.04 23:23:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2013.11.04 23:23:51 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2013.11.04 23:23:51 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.21 02:38:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010.11.21 02:38:44 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2010.11.21 02:38:44 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.13 19:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 02:37:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.11.05 17:52:12 | 000,000,135 | ---- | M] () -- \Windows\AutoKMS.ini

< *activator* /s >

< *serial* /s >
[2010.10.09 00:01:12 | 000,060,928 | ---- | M] () -- \Program Files\LG Electronics\LG PC Suite IV\libSerialPort.dll
[2013.10.07 16:33:20 | 000,000,656 | ---- | M] () -- \Program Files\Mafia\Tables\MENU\multiset_serial.mnu
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.09.18 18:48:22 | 000,267,776 | ---- | M] () -- \Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.XmlSerializers.dll
[2013.01.31 10:34:54 | 000,366,912 | ---- | M] () -- \ProgramData\ESTsoft\ALAuth\AuthSerialReg.exe
[2013.01.31 10:34:54 | 000,481,600 | ---- | M] () -- \ProgramData\ESTsoft\ALZip\AuthSerialTrl.dll
[2013.01.31 10:34:54 | 000,366,912 | ---- | M] () -- \Users\All Users\ESTsoft\ALAuth\AuthSerialReg.exe
[2013.01.31 10:34:54 | 000,481,600 | ---- | M] () -- \Users\All Users\ESTsoft\ALZip\AuthSerialTrl.dll
[2014.04.12 15:22:44 | 000,003,072 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014.04.12 15:22:44 | 000,003,608 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2014.04.02 17:17:51 | 000,022,528 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014.04.02 17:17:51 | 000,003,608 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2014.05.03 23:56:01 | 000,000,164 | ---- | M] () -- \Users\Moody\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2013.10.09 12:30:20 | 000,012,429 | ---- | M] () -- \Users\Moody\AppData\Roaming\uTorrent\Acronis Disk Director Suite 10.0.2239.keygen+serials.torrent
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.20 00:23:20 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.09.20 00:27:15 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.10.27 21:24:38 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.27 21:24:38 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.10.27 21:24:00 | 002,785,280 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
[2013.10.27 21:24:00 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll.aux
[2013.10.28 16:07:01 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll
[2013.10.28 16:07:01 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll.aux
[2013.12.12 20:34:18 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.12.12 20:34:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.13 19:39:44 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2010.11.21 02:38:29 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2010.11.21 02:38:24 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2013.11.04 23:23:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2010.11.21 02:38:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 23:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.13 19:54:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 02:38:09 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.05 19:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 19:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010.11.20 23:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 23:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 15:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () --

Re: Please check RSIT log - Non-standard notebook behaviour

Posted: 04 May 2014 09:02
by Moodys
\Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.06.08 11:38:48 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2010.11.21 02:38:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.13 19:39:44 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2010.11.21 02:38:29 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:07BB519E
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:D78D6FF7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B755D674

< End of report >

Re: Please check RSIT log - Non-standard notebook behaviour

Posted: 04 May 2014 09:02
by Moodys
OTL Extras logfile created on: 4.5.2014 8:33:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moody\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 23,56% Memory free
3,98 Gb Paging File | 2,00 Gb Available in Paging File | 50,27% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,58 Gb Total Space | 13,81 Gb Free Space | 17,57% Space Free | Partition Type: NTFS
Drive D: | 5,85 Gb Total Space | 0,92 Gb Free Space | 15,76% Space Free | Partition Type: FAT32

Computer Name: MOODY-PC | User Name: Moody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4195469608-1116802251-820429967-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019085BA-C5A2-4874-B6EC-B554CEA4752B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22DE6C3B-EE42-4030-A010-5C41296EF3F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B54CB72-C265-44EC-94B3-4D1BCDC01613}" = rport=137 | protocol=17 | dir=out | app=system |
"{2FCF8F4B-DBF0-4229-B037-83892EF4CA09}" = lport=445 | protocol=6 | dir=in | app=system |
"{380EB263-C64A-42AB-BDD3-B309E360C978}" = lport=139 | protocol=6 | dir=in | app=system |
"{5168FB71-61D8-4459-8A53-1B10BBB64212}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59B64622-453C-43D6-AE84-46316B132513}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61CD1C2E-F457-43C9-A53A-46805844180B}" = rport=138 | protocol=17 | dir=out | app=system |
"{67050A87-F64F-4D87-A9DF-61C3000E2602}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69931A36-548D-483C-AC42-4A5B1582849E}" = rport=139 | protocol=6 | dir=out | app=system |
"{79CD60F0-8A25-4AD7-B417-38DD133E78BA}" = rport=445 | protocol=6 | dir=out | app=system |
"{91B94D2B-8BEA-429A-8695-0120A613BC35}" = lport=2869 | protocol=6 | dir=in | app=system |
"{946BFA51-582B-4869-8230-A643286C5A68}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{9DAB6433-4D40-4610-9AC0-D688572B8F34}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ABAC42A4-D513-49DD-BBFA-1FDA41FD6DB8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC6B4627-9E17-48CA-81FD-AB1E34C007F7}" = lport=138 | protocol=17 | dir=in | app=system |
"{B9C6A390-0790-4083-9943-F2A45C5296BD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC0E8893-9F21-4845-AF4A-FD29CECE0D2B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CE1927CB-84C6-44EE-A5D4-8D84C7DBC82C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DFC7D62F-50CF-489A-9E03-1A2B7406D35B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E60735BB-6174-4C35-B854-62DCCB622707}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E92DE75E-203F-4A6D-B132-5BB625E8D5A8}" = lport=137 | protocol=17 | dir=in | app=system |
"{F621AE05-A3F1-4346-B748-F3D7A96210CE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBF7A6A0-18F1-4A70-B2F4-E2FEA445608A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C5A7C66-1743-4E87-935B-98B25269302B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1C8061B7-8518-40FE-BE80-E7D2CB786A87}" = protocol=6 | dir=out | app=system |
"{21636FF2-AB1F-400A-AAD1-C57C93A2C309}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2A1E248B-BB52-432D-95A1-5E8A84E14F71}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{2B51F56C-B6FF-4F36-A0FF-3E9CC7616E48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{574E0A02-CB67-4E58-B3DA-83AFE82B9F03}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{6C19394D-013D-444E-B52E-C742BBD1BBF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{75E65243-2BC2-476F-A44E-96CBCD4A09AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7AF1C381-9CE9-4AF7-BD2C-82C3630EC985}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{85DA02FC-AC52-4210-B6F7-092A531871F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A605C52-B28E-4697-B963-15F268928050}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8F798013-D569-4469-95FE-62A296407B9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92F3C845-1398-4AA1-A090-70FF212797D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9910386A-820D-43D4-B4A1-FF56A70D8A11}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9AE066EA-240E-4A9F-AB40-2CA39E73DA83}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{AAB5CDEB-CD9F-4CC1-869B-D4AED7ADB0F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4F74BF2-23CF-499C-BCA5-2F0AABCEB831}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFFDE49C-6F7E-4F49-BFB4-E536B1E94FCF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CB31870A-9C84-4581-99A2-E2FDD4DF3D7A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D16938E2-3654-4EC2-9867-434CCE06B2D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1789AAC-1152-4DBF-825A-FF49B378C60C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D24E7B7C-D939-4306-83BD-05C17B4FC600}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E138E660-EC4E-457A-91FE-5258648EF9DB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{EED2EB8E-6A7D-449F-A1EF-74D56AEFF131}" = dir=in | app=c:\users\moody\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{F2CF010E-2EDD-4F1E-837C-FA2E9B606F47}" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"{F5567606-ADA3-49F7-A345-4041183B1A9F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE9D2B9C-F326-439E-9170-2F4A7B8315F3}" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{1FB48CA6-A916-420C-9F97-5BE6C5572AF6}C:\program files\outbreak\outbreak.exe" = protocol=6 | dir=in | app=c:\program files\outbreak\outbreak.exe |
"TCP Query User{2063483A-5B75-4A6A-937E-89A4D7D9505E}C:\users\moody\documents\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\moody\documents\warcraft iii\war3.exe |
"TCP Query User{2288FB2D-B828-4A8A-A799-FB83C764DB5B}C:\program files\openttd\openttd.exe" = protocol=6 | dir=in | app=c:\program files\openttd\openttd.exe |
"TCP Query User{25AADD45-1AA9-494C-A39C-A05A54BE4C6F}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{A43A4180-36ED-4AC8-A8A9-46B2CEE08265}C:\program files\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe |
"TCP Query User{A5A5B303-7325-4EAD-84D5-6B84C0B4CE8A}C:\users\moody\documents\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\moody\documents\warcraft iii\war3.exe |
"TCP Query User{DF3D15C9-29F6-40B6-B62F-2D388864F087}C:\users\moody\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\moody\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{ECAFC494-9877-42AE-B016-A19ED87D7178}C:\program files\smartcam\smartcam.exe" = protocol=6 | dir=in | app=c:\program files\smartcam\smartcam.exe |
"TCP Query User{F50AFC7A-38DD-47C2-A73B-CF60BA2DB4B8}C:\users\moody\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\moody\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{00184B8D-8BBE-4A35-B09B-A3DF71AE5CEC}C:\users\moody\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\moody\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{070A39C1-FCEA-4A95-B86D-BAB85B0C31BC}C:\users\moody\documents\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\moody\documents\warcraft iii\war3.exe |
"UDP Query User{4C90060C-87C1-43EA-A6FE-6D713A20DB6F}C:\users\moody\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\moody\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{546F608E-AEDA-4F56-BC5C-1C5192335917}C:\program files\openttd\openttd.exe" = protocol=17 | dir=in | app=c:\program files\openttd\openttd.exe |
"UDP Query User{6224AE32-F968-4F3F-86EE-756678FCB127}C:\users\moody\documents\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\moody\documents\warcraft iii\war3.exe |
"UDP Query User{97C40FF6-42E0-42E6-9A92-7325DA52EBEF}C:\program files\smartcam\smartcam.exe" = protocol=17 | dir=in | app=c:\program files\smartcam\smartcam.exe |
"UDP Query User{BF4635E0-3B46-4B4A-A060-385DA51602FE}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{C2E5939C-4C6B-4A90-B163-018B7E3EF611}C:\program files\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe |
"UDP Query User{E8E6DF0F-6689-4E62-B6E3-763D32A52708}C:\program files\outbreak\outbreak.exe" = protocol=17 | dir=in | app=c:\program files\outbreak\outbreak.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00DD2CD7-5242-42F5-9C3A-7CA942DFB653}" = Bontia Studio 4.6
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.00819
"{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6C8D0421-2896-45E0-AFDA-960BC2E2E2EF}" = Sound Blaster Play!
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}" = inSSIDer 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}" = Google+ Auto Backup
"{E15BC10F-04AA-0AFD-A6C9-476730195F8B}" = Adobe Download Assistant
"AceIt_is1" = AceIt v1.3.1
"ActivityChanger 1.5" = ActivityChanger 1.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ALchemy" = Creative ALchemy
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip 8.51
"A-PDF Page Cut_is1" = A-PDF Page Cut
"CCleaner" = CCleaner
"Codename: Outbreak" = Codename: Outbreak
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"ConBuilder" = ConBuilder
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"EAX Unified" = EAX Unified
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Inkscape" = Inkscape 0.48.4
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"LG PC Suite IV" = LG PC Suite IV
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenTTD" = OpenTTD 1.3.2
"Picasa 3" = Picasa 3
"Razer Game Booster_is1" = Razer Game Booster
"Recuva" = Recuva
"SysInfo" = Creative System Information
"TeamViewer 9" = TeamViewer 9
"Tra Bratislava-Brno-Praha pro MSTS_is1" = Tra Bratislava-Brno-Praha pro MSTS verze BP81-T7-02.04.2008
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store V3.2" = Train Store V3.2
"Trillian" = Trillian
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.5.2014 17:28:40 | Computer Name = Moody-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemuže získat prístup k souboru C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db
z jednoho z techto duvodu: došlo k problému s pripojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladaci ukládání nainstalovanými v tomto pocítaci; nebo
disk chybí. Systém Windows kvuli této chybe ukoncil program Host Process for Windows
Services. Program: Host Process for Windows Services Soubor: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db

Hodnota
chyby je uvedena v cásti Další údaje. Akce uživatele 1. Otevrete soubor znovu. Muže
se jednat o docasný problém, který se pri novém spuštení programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat prístup a: - Nachází se v síti, mel by správce síte
overit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vymenitelném
disku (napríklad diskete nebo disku CD-ROM), overte, zda je disk správne vložen
do pocítace. 3. Zkontrolujte a opravte systém souboru pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlacítko Start a príkaz Spustit, zadáte príkaz
CMD a kliknete na tlacítko OK. Do príkazového rádku zadejte príkaz CHKDSK /F a stisknete
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistete,
zda lze otevrít jiné soubory na stejném disku. Pokud ne, muže být disk poškozen.
Jedná-li se o pevný disk, obratte se na správce nebo na dodavatele pocítacového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

Error - 3.5.2014 18:26:15 | Computer Name = Moody-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 3.5.2014 18:27:17 | Computer Name = Moody-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.5.2014 19:08:33 | Computer Name = Moody-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385,
casové razítko: 0x4a5bc100 Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.17514,
casové razítko: 0x4ce7ba10 Kód výjimky: 0xc0000006 Posun chyby: 0x0001815d ID chybujícího
procesu: 0x420 Cas spuštení chybující aplikace: 0x01cf671eafa300db Cesta k chybující
aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID
zprávy: d8cb558d-d317-11e3-bbd5-001d721584c0

Error - 3.5.2014 19:08:33 | Computer Name = Moody-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemuže získat prístup k souboru C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db
z jednoho z techto duvodu: došlo k problému s pripojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladaci ukládání nainstalovanými v tomto pocítaci; nebo
disk chybí. Systém Windows kvuli této chybe ukoncil program Host Process for Windows
Services. Program: Host Process for Windows Services Soubor: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db

Hodnota
chyby je uvedena v cásti Další údaje. Akce uživatele 1. Otevrete soubor znovu. Muže
se jednat o docasný problém, který se pri novém spuštení programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat prístup a: - Nachází se v síti, mel by správce síte
overit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vymenitelném
disku (napríklad diskete nebo disku CD-ROM), overte, zda je disk správne vložen
do pocítace. 3. Zkontrolujte a opravte systém souboru pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlacítko Start a príkaz Spustit, zadáte príkaz
CMD a kliknete na tlacítko OK. Do príkazového rádku zadejte príkaz CHKDSK /F a stisknete
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistete,
zda lze otevrít jiné soubory na stejném disku. Pokud ne, muže být disk poškozen.
Jedná-li se o pevný disk, obratte se na správce nebo na dodavatele pocítacového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

Error - 4.5.2014 1:38:55 | Computer Name = Moody-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4.5.2014 1:40:04 | Computer Name = Moody-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.5.2014 2:23:04 | Computer Name = Moody-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385,
casové razítko: 0x4a5bc100 Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.17514,
casové razítko: 0x4ce7ba10 Kód výjimky: 0xc0000006 Posun chyby: 0x0001815d ID chybujícího
procesu: 0x418 Cas spuštení chybující aplikace: 0x01cf675b20baf098 Cesta k chybující
aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID
zprávy: 8c09ec8a-d354-11e3-bbe5-001d721584c0

Error - 4.5.2014 2:23:04 | Computer Name = Moody-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemuže získat prístup k souboru C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db
z jednoho z techto duvodu: došlo k problému s pripojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladaci ukládání nainstalovanými v tomto pocítaci; nebo
disk chybí. Systém Windows kvuli této chybe ukoncil program Host Process for Windows
Services. Program: Host Process for Windows Services Soubor: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db

Hodnota
chyby je uvedena v cásti Další údaje. Akce uživatele 1. Otevrete soubor znovu. Muže
se jednat o docasný problém, který se pri novém spuštení programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat prístup a: - Nachází se v síti, mel by správce síte
overit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vymenitelném
disku (napríklad diskete nebo disku CD-ROM), overte, zda je disk správne vložen
do pocítace. 3. Zkontrolujte a opravte systém souboru pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlacítko Start a príkaz Spustit, zadáte príkaz
CMD a kliknete na tlacítko OK. Do príkazového rádku zadejte príkaz CHKDSK /F a stisknete
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistete,
zda lze otevrít jiné soubory na stejném disku. Pokud ne, muže být disk poškozen.
Jedná-li se o pevný disk, obratte se na správce nebo na dodavatele pocítacového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

Error - 4.5.2014 3:55:10 | Computer Name = Moody-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385,
casové razítko: 0x4a5bc100 Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.17514,
casové razítko: 0x4ce7ba10 Kód výjimky: 0xc0000006 Posun chyby: 0x0001815d ID chybujícího
procesu: 0x7b0 Cas spuštení chybující aplikace: 0x01cf6761502d84ed Cesta k chybující
aplikaci: C:\Windows\System32\svchost.exe Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID
zprávy: 69c0b308-d361-11e3-bbe5-001d721584c0

Error - 4.5.2014 3:55:10 | Computer Name = Moody-PC | Source = Application Error | ID = 1005
Description = Systém Windows nemuže získat prístup k souboru C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db
z jednoho z techto duvodu: došlo k problému s pripojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladaci ukládání nainstalovanými v tomto pocítaci; nebo
disk chybí. Systém Windows kvuli této chybe ukoncil program Host Process for Windows
Services. Program: Host Process for Windows Services Soubor: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4195469608-1116802251-820429967-1000.db

Hodnota
chyby je uvedena v cásti Další údaje. Akce uživatele 1. Otevrete soubor znovu. Muže
se jednat o docasný problém, který se pri novém spuštení programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat prístup a: - Nachází se v síti, mel by správce síte
overit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vymenitelném
disku (napríklad diskete nebo disku CD-ROM), overte, zda je disk správne vložen
do pocítace. 3. Zkontrolujte a opravte systém souboru pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlacítko Start a príkaz Spustit, zadáte príkaz
CMD a kliknete na tlacítko OK. Do príkazového rádku zadejte príkaz CHKDSK /F a stisknete
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistete,
zda lze otevrít jiné soubory na stejném disku. Pokud ne, muže být disk poškozen.
Jedná-li se o pevný disk, obratte se na správce nebo na dodavatele pocítacového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

[ Media Center Events ]
Error - 2.1.2014 17:31:50 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 10:31:49 PM - Failed to retrieve Directory (Error: The operation has
timed out)

Error - 4.1.2014 6:39:41 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 11:39:29 AM - Error connecting to the internet. 11:39:29 AM - Unable
to contact server..

Error - 12.1.2014 5:22:30 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 10:22:29 AM - Error connecting to the internet. 10:22:29 AM - Unable
to contact server..

Error - 12.1.2014 6:22:42 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 11:22:40 AM - Error connecting to the internet. 11:22:40 AM - Unable
to contact server..

Error - 12.1.2014 7:22:59 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 12:22:58 PM - Error connecting to the internet. 12:22:58 PM - Unable
to contact server..

Error - 12.1.2014 8:23:33 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 1:23:32 PM - Error connecting to the internet. 1:23:32 PM - Unable
to contact server..

Error - 18.1.2014 9:35:59 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 2:35:58 PM - Error connecting to the internet. 2:35:58 PM - Unable
to contact server..

Error - 23.1.2014 17:43:46 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 10:43:45 PM - Error connecting to the internet. 10:43:45 PM - Unable
to contact server..

Error - 2.2.2014 5:57:39 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 10:57:38 AM - Error connecting to the internet. 10:57:38 AM - Unable
to contact server..

Error - 12.2.2014 4:11:08 | Computer Name = Moody-PC | Source = MCUpdate | ID = 0
Description = 9:11:05 AM - Error connecting to the internet. 9:11:06 AM - Unable
to contact server..

[ System Events ]
Error - 4.5.2014 3:55:05 | Computer Name = Moody-PC | Source = Disk | ID = 262151
Description = Zarízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.5.2014 3:55:20 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Audio Endpoint Builder byla necekane ukoncena. Stalo
se to 2 krát. Následující opravná akce bude spuštena za 120000 milisekund: Restart
the service.

Error - 4.5.2014 3:55:20 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Offline Files byla necekane ukoncena. Stalo se to 2 krát. Následující
opravná akce bude spuštena za 300000 milisekund: Restart the service.

Error - 4.5.2014 3:55:20 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Network Connections byla necekane ukoncena. Stalo se to 2 krát.
Následující opravná akce bude spuštena za 100 milisekund: Restart the service.

Error - 4.5.2014 3:55:20 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Program Compatibility Assistant Service byla necekane ukoncena.
Stalo se to 2 krát. Následující opravná akce bude spuštena za 60000 milisekund:
Restart the service.

Error - 4.5.2014 3:55:20 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Superfetch byla necekane ukoncena. Stalo se to 2 krát. Následující
opravná akce bude spuštena za 60000 milisekund: Restart the service.

Error - 4.5.2014 3:55:21 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Distributed Link Tracking Client byla necekane ukoncena. Stalo
se to 2 krát. Následující opravná akce bude spuštena za 300000 milisekund: Restart
the service.

Error - 4.5.2014 3:55:21 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Desktop Window Manager Session Manager byla necekane ukoncena.
Stalo se to 1 krát. Následující opravná akce bude spuštena za 120000 milisekund:
Restart the service.

Error - 4.5.2014 3:55:21 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba WLAN AutoConfig byla necekane ukoncena. Stalo se to 1 krát.
Následující opravná akce bude spuštena za 120000 milisekund: Restart the service.

Error - 4.5.2014 3:55:21 | Computer Name = Moody-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Driver Foundation - User-mode Driver Framework byla
necekane ukoncena. Stalo se to 1 krát. Následující opravná akce bude spuštena za
120000 milisekund: Restart the service.


< End of report >

Re: Request for an RSIT log check - Non-standard laptop behaviour

Posted: 04 May 2014 10:45
by Márty84
:???: Just one more question: what about the legality of the system? Ultimate is not exactly a common home edition :?:


:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.

Re: Request for an RSIT log check - Non-standard laptop behaviour

Posted: 04 May 2014 12:11
by Moodys
This is how I bought the laptop, so I assume it should be OK? It has the sticker on it, and under This Computer it also reports as genuine.

So the scan finished, apparently without any findings.

Re: Request for an RSIT log check - Non-standard laptop behaviour

Posted: 12 May 2014 03:57
by Márty84
Did you edit your post? Originally only the first sentence was there, and after that it no longer showed up for me as a new message, which is why you fell into oblivion :( But my attentive colleague motji found you :)

Is the problem still current? Or has it already been resolved?



31.5. :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975