VIRY.CZ

zdravim mam podezreni na vir ve svem pc nebo nejaky jinej neporadek. Jedna se o to ze nektera videa nejdou prehravam na internetu, pise to ze je u me chyba, ale ja na nic neprisel.
Dale se jedna o to ze kdyz zapnu pc a najede do winu nactou se ikony vse, tak jako by se zacne zasekavat a to trva asi 10 min pak to prestane. Explore ma 58 mb coz neni moc. Takze nevim v cem by to mohlo bejt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Honzík (administrator) on HONZÍK-PC on 04-06-2014 20:11:51
Running from C:\Users\Honzík\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Genius\Gila\mousehid.exe
(IVT Corporation) C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
() C:\Program Files\Genius\Gila\trayicon.exe
(KYE) C:\Program Files\Genius\Imperator Pro\IMProHid.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Spotify Ltd) C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nullsoft) C:\Program Files\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(OSD) C:\Program Files\Genius\Gila\OSD.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-12] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software)
HKLM\...\Run: [Gila] => C:\Program Files\Genius\Gila\mousehid.exe [307712 2013-01-16] ()
HKLM\...\Run: [BtTray] => C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-11-17] (IVT Corporation)
HKLM\...\Run: [Imperator pro] => C:\Program Files\Genius\Imperator Pro\IMProhid.exe [287232 2012-02-24] (KYE)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-12-03] (Microsoft Corporation)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [Spotify Web Helper] => C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-28] (Spotify Ltd)
HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {1B7944C5-928C-49e9-A566-3B2EB09F018C} URL = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {66EF56BE-38D4-4184-B5C2-BBA3C7C02B73} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\pd4n3p98.default-1399104959828
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-01-13]
FF HKLM\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF HKLM\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF HKLM\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-03]

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR Extension: (Dokumenty Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-29]
CHR Extension: (Disk Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-29]
CHR Extension: (YouTube) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-29]
CHR Extension: (avast! Online Security) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-04]
CHR Extension: (Peněženka Google) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]
CHR Extension: (Gmail) - C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-25]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-10-12] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-25] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [854016 2009-11-18] (IVT Corporation)
R3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [102503 2009-11-17] (IVT Corporation)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-04-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-25] ()
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [17928 2009-06-17] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [32640 2009-09-24] (IVT Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [22528 2009-09-24] ()
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-12-05] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-12-05] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2014-03-15] (LogMeIn, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [39624 2013-11-13] (AnchorFree Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT Corporation.)
R3 KYEKBPRO; C:\Windows\System32\Drivers\KYEKBPRO.sys [18944 2011-10-14] ( )
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [328552 2011-07-06] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-12-03] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [14856 2009-08-26] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [32392 2009-08-28] (IVT Corporation.)
R1 VirtDiskBus; C:\Windows\System32\DRIVERS\VirtDiskBus.sys [57456 2011-02-08] (Giga-Byte Technology CO., LTD.)
U3 alfrkiuy; C:\Windows\system32\Drivers\alfrkiuy.sys [0 ] (Microsoft Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33800 2009-06-17] (IVT Corporation.)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 20:11 - 2014-06-04 20:12 - 00013958 _____ () C:\Users\Honzík\Desktop\FRST.txt
2014-06-04 20:11 - 2014-06-04 20:11 - 01059840 _____ (Farbar) C:\Users\Honzík\Desktop\FRST.exe
2014-06-04 20:11 - 2014-06-04 20:11 - 00000000 ____D () C:\FRST
2014-06-02 20:29 - 2014-06-02 20:49 - 180049268 _____ () C:\Users\Honzík\Desktop\Simpsonovi-25x09-Piráti-ze-Springfieldu.avi
2014-06-02 20:29 - 2014-06-02 20:48 - 172593010 _____ () C:\Users\Honzík\Desktop\Simpsonovi-25x10-Můj-muž-je-Komiksák.avi
2014-05-31 08:25 - 2014-06-04 19:08 - 00000560 _____ () C:\Windows\setupact.log
2014-05-31 08:25 - 2014-05-31 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 21:48 - 2014-05-20 23:18 - 862996178 _____ () C:\Users\Honzík\Desktop\Šimon-a-Matouš-Obchodníci-s-diamanty.avi
2014-05-20 00:31 - 2014-05-19 17:45 - 00000000 ____D () C:\Users\Honzík\Desktop\19.5.2014
2014-05-20 00:27 - 2014-05-20 00:28 - 55189418 _____ () C:\Users\Honzík\Desktop\19.5.2014.rar
2014-05-16 12:10 - 2014-05-16 12:10 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 12:05 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 12:05 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 12:05 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 14:33 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 14:33 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 14:32 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 14:32 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 14:32 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 14:32 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 14:32 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 14:32 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 14:32 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 14:32 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 14:32 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 14:32 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 14:32 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 14:32 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 14:32 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 10:59 - 2014-05-14 10:59 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-09 13:00 - 2014-05-09 13:00 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F.E.A.R. 2
2014-05-09 08:29 - 2014-06-04 19:34 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-09 08:29 - 2014-06-04 19:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 12:03 - 2014-05-16 13:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-06-04 20:12 - 2014-06-04 20:11 - 00013958 _____ () C:\Users\Honzík\Desktop\FRST.txt
2014-06-04 20:12 - 2014-03-07 00:13 - 00000000 ____D () C:\Users\Honzík\AppData\Local\temp
2014-06-04 20:11 - 2014-06-04 20:11 - 01059840 _____ (Farbar) C:\Users\Honzík\Desktop\FRST.exe
2014-06-04 20:11 - 2014-06-04 20:11 - 00000000 ____D () C:\FRST
2014-06-04 20:10 - 2013-12-03 15:36 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Skype
2014-06-04 20:10 - 2013-12-03 10:24 - 01558143 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 19:44 - 2013-12-03 21:22 - 00000125 _____ () C:\Windows\system32\REMOTEDEVICE.INI
2014-06-04 19:44 - 2013-12-03 21:20 - 00005065 _____ () C:\Windows\system32\LOCALSERVICE.INI
2014-06-04 19:44 - 2013-12-03 21:20 - 00000091 _____ () C:\Windows\system32\LOCALDEVICE.INI
2014-06-04 19:44 - 2009-11-17 12:44 - 00001035 _____ () C:\Windows\system32\bscs.ini
2014-06-04 19:43 - 2013-12-03 11:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 19:34 - 2014-05-09 08:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 19:19 - 2009-07-14 06:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 19:19 - 2009-07-14 06:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 19:09 - 2014-03-07 09:55 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-04 19:08 - 2014-05-31 08:25 - 00000560 _____ () C:\Windows\setupact.log
2014-06-04 19:08 - 2014-05-09 08:29 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 19:08 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 19:55 - 2013-12-03 11:40 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\vlc
2014-06-03 18:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-06-02 21:08 - 2013-12-24 02:28 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\TS3Client
2014-06-02 20:49 - 2014-06-02 20:29 - 180049268 _____ () C:\Users\Honzík\Desktop\Simpsonovi-25x09-Piráti-ze-Springfieldu.avi
2014-06-02 20:48 - 2014-06-02 20:29 - 172593010 _____ () C:\Users\Honzík\Desktop\Simpsonovi-25x10-Můj-muž-je-Komiksák.avi
2014-06-01 17:45 - 2013-12-03 23:23 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\BitTorrent
2014-06-01 17:00 - 2014-01-11 23:27 - 00000392 _____ () C:\Windows\Tasks\RegCure Program Check.job
2014-06-01 14:54 - 2014-02-23 23:22 - 00000000 ____D () C:\Users\Honzík\Desktop\wowrm
2014-05-31 22:08 - 2014-03-13 23:43 - 00000000 ____D () C:\Users\Honzík\Desktop\Metro LL
2014-05-31 08:25 - 2014-05-31 08:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 13:52 - 2013-12-29 10:25 - 00002117 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 13:52 - 2013-12-03 13:04 - 00001097 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-27 13:52 - 2013-12-03 13:04 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 11:34 - 2013-12-03 16:07 - 00001199 _____ () C:\Users\Honzík\Desktop\Nový textový dokument (2).txt
2014-05-23 11:09 - 2013-12-04 20:17 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-05-23 11:04 - 2014-03-29 11:45 - 00000000 ____D () C:\AdwCleaner
2014-05-21 11:15 - 2013-12-03 23:24 - 00000873 _____ () C:\Users\Honzík\Desktop\BitTorrent.lnk
2014-05-21 11:15 - 2013-12-03 23:24 - 00000853 _____ () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-05-20 23:18 - 2014-05-20 21:48 - 862996178 _____ () C:\Users\Honzík\Desktop\Šimon-a-Matouš-Obchodníci-s-diamanty.avi
2014-05-20 00:28 - 2014-05-20 00:27 - 55189418 _____ () C:\Users\Honzík\Desktop\19.5.2014.rar
2014-05-19 17:45 - 2014-05-20 00:31 - 00000000 ____D () C:\Users\Honzík\Desktop\19.5.2014
2014-05-18 04:36 - 2014-01-11 23:27 - 00000374 _____ () C:\Windows\Tasks\RegCure.job
2014-05-18 02:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 13:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 13:15 - 2014-05-06 12:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-16 13:15 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-16 12:13 - 2013-12-03 12:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 12:12 - 2013-12-03 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 12:10 - 2014-05-16 12:10 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 12:10 - 2013-12-03 14:01 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 21:51 - 2013-12-28 19:06 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 21:51 - 2013-12-03 11:52 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:51 - 2013-12-03 11:52 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-14 10:59 - 2014-05-14 10:59 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-14 10:59 - 2013-12-03 11:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 10:59 - 2013-12-03 11:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-11 15:52 - 2013-12-03 16:00 - 00000000 ____D () C:\Users\Honzík\Desktop\Hacker
2014-05-10 01:44 - 2013-12-20 02:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 13:00 - 2014-05-09 13:00 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F.E.A.R. 2
2014-05-09 09:06 - 2014-05-15 14:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-15 14:33 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:23 - 2013-12-07 23:02 - 00000000 ____D () C:\Users\Honzík\AppData\Roaming\Hamachi
2014-05-06 05:25 - 2014-05-16 12:05 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-16 12:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-16 12:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-30 08:44

==================== End Of Log ============================
http://leteckaposta.cz/820419799

Zdravím!
Je váš oper. systém legální?

Zdravim dekuji za bleskovou odpoved. Ano:) uz sme tu spolu primo svami muj pc nejednou resili mam ho legalni

Ani bych neřekl: http://forum.viry.cz/viewtopic.php?f=13 ... 8#p1307154 .

to sme tehda resili notas moji mamky uzivatel p.Martina (administrator) on PMARTINA-PC
a muj Ran by Honzík (administrator) on HONZÍK-PC
sem si myslel ze si to budete pamatovat:) ale nenapsal sem to do uvodu

OK. Zkusíme tento postup:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

zdravim omlouvam se ze pisi az ted byl sem v praci. zde je prvni log. Druhej log se neobevil. spis se mi zda ze se mi to po skenu zhorsilo vsude se objevili slozky a soubory(registr ikony) a jak sem ten druhej log hledal nenasel sem. nemuze to bejt nejaky virus nebo neco takove co mi to blokuje?
OTL logfile created on: 5.6.2014 18:56:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Honzík\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 52,65% Memory free
6,49 Gb Paging File | 4,45 Gb Available in Paging File | 68,59% Paging File free
Paging file location(s): c:\pagefile.sys 3325 3325 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,13 Gb Free Space | 35,65% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 89,02 Gb Free Space | 19,11% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 84,73 Mb Free Space | 84,74% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 104,63 Gb Free Space | 22,47% Space Free | Partition Type: NTFS

Computer Name: HONZÍK-PC | User Name: Honzík | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.06.04 21:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honzík\Desktop\OTL.exe
PRC - [2014.05.26 20:39:18 | 003,888,648 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.05.14 10:59:53 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014.05.10 01:44:32 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.04.28 12:25:11 | 001,171,000 | ---- | M] (Spotify Ltd) -- C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014.04.25 09:51:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.03 22:08:53 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.01.16 13:38:16 | 000,307,712 | ---- | M] () -- C:\Program Files\Genius\Gila\mousehid.exe
PRC - [2012.08.17 14:57:52 | 002,206,720 | ---- | M] (OSD) -- C:\Program Files\Genius\Gila\OSD.exe
PRC - [2012.06.10 20:01:44 | 000,222,720 | ---- | M] () -- C:\Program Files\Genius\Gila\trayicon.exe
PRC - [2012.02.24 18:16:10 | 000,287,232 | ---- | M] (KYE) -- C:\Program Files\Genius\Imperator Pro\IMProHid.exe
PRC - [2011.10.12 22:10:00 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.10.12 22:09:32 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.10.12 17:18:28 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.11.18 19:08:30 | 000,854,016 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2009.11.17 12:50:14 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2009.11.17 12:48:10 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.16 13:22:52 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014.05.16 13:22:46 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.05.14 10:59:53 | 016,361,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014.05.10 01:44:31 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.02.15 03:09:13 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\8f2441d71e42bd17d5afd83524c67c57\WindowsFormsIntegration.ni.dll
MOD - [2014.02.15 03:00:45 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014.02.14 01:37:09 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014.02.14 01:36:40 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014.02.14 01:36:27 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.14 01:36:20 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.14 01:36:17 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\549aa924ef5af7232f4024eb6f8cb97a\UIAutomationProvider.ni.dll
MOD - [2014.02.14 01:36:14 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.14 01:36:11 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.14 01:36:08 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014.02.14 01:35:59 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.02.14 01:35:56 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.14 01:35:47 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.12.03 13:29:58 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.01.16 13:38:16 | 000,307,712 | ---- | M] () -- C:\Program Files\Genius\Gila\mousehid.exe
MOD - [2013.01.15 18:06:32 | 000,061,952 | ---- | M] () -- C:\Program Files\Genius\Gila\HidDevice.dll
MOD - [2012.12.18 11:02:22 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.06.10 20:01:44 | 000,222,720 | ---- | M] () -- C:\Program Files\Genius\Gila\trayicon.exe
MOD - [2011.10.12 17:23:40 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.10.12 17:18:34 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2010.11.13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.05 03:53:44 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2007.10.02 16:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2014.05.14 10:59:54 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.25 09:51:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.03.06 09:38:10 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.01.29 10:23:27 | 004,915,040 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.03 21:43:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.10.12 22:09:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.10.12 17:18:28 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009.11.18 19:08:30 | 000,854,016 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009.11.17 12:48:10 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a5pz3bjk)
DRV - [2014.05.15 21:51:34 | 000,777,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014.05.15 21:51:34 | 000,411,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.05.15 21:51:34 | 000,068,312 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.04.25 09:51:17 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.04.25 09:51:17 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.04.25 09:51:17 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.04.25 09:51:17 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.04.25 09:51:17 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014.03.15 19:11:47 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2013.12.05 16:10:51 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2013.12.05 16:10:32 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.12.03 15:46:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2013.11.13 12:47:12 | 000,039,624 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2013.08.22 14:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011.10.14 16:24:22 | 000,018,944 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KYEKBPRO.sys -- (KYEKBPRO)
DRV - [2011.10.12 22:55:06 | 008,598,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.10.12 21:30:18 | 000,257,024 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.08.11 08:54:02 | 000,088,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2011.07.06 12:12:48 | 000,328,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2011.06.24 07:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011.02.08 17:03:26 | 000,057,456 | ---- | M] (Giga-Byte Technology CO., LTD.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VirtDiskBus.sys -- (VirtDiskBus)
DRV - [2011.01.10 19:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.12 06:35:48 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.09.24 14:38:42 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009.09.24 06:40:12 | 000,019,592 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009.09.24 06:35:24 | 000,032,640 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2009.08.28 17:04:58 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2009.08.26 12:16:48 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2009.08.26 12:16:16 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2009.08.13 09:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2009.06.17 15:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\..\SearchScopes\{1B7944C5-928C-49e9-A566-3B2EB09F018C}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\..\SearchScopes\{66EF56BE-38D4-4184-B5C2-BBA3C7C02B73}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "https://www.google.com/search"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.04.25 09:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.12.03 13:05:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honzík\AppData\Roaming\Mozilla\Extensions
[2014.05.03 10:28:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\pd4n3p98.default-1399104959828\extensions
[2014.05.27 13:52:07 | 000,002,823 | ---- | M] () -- C:\Users\Honzík\AppData\Roaming\Mozilla\Firefox\Profiles\pd4n3p98.default-1399104959828\searchplugins\Google.xml
[2014.01.13 13:52:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.05.10 01:44:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.01.13 13:52:17 | 000,000,000 | ---D | M] (Hotspot Shield Extension) -- C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledávánĂ­ Google = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Peněženka Google = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Honzík\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.03.07 00:11:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [Gila] C:\Program Files\Genius\Gila\mousehid.exe ()
O4 - HKLM..\Run: [Imperator pro] C:\Program Files\Genius\Imperator Pro\IMProhid.exe (KYE)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000..\Run: [Spotify Web Helper] C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1434225337-3457470663-2483908841-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00530555-EFD5-481C-94DF-258D11C12B78}: DhcpNameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1F4C2CE-0683-494F-A6C9-01E48DC21F8D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.06.04 21:15:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Honzík\Desktop\OTL.exe
[2014.06.04 20:11:44 | 000,000,000 | ---D | C] -- C:\FRST
[2014.06.04 20:11:19 | 001,059,840 | ---- | C] (Farbar) -- C:\Users\Honzík\Desktop\FRST.exe
[2014.05.20 00:31:39 | 000,000,000 | ---D | C] -- C:\Users\Honzík\Desktop\19.5.2014
[2014.05.16 12:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014.05.16 12:05:31 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.05.15 14:33:03 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014.05.15 14:33:02 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014.05.15 14:32:57 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014.05.15 14:32:57 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014.05.15 14:32:55 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2014.05.15 14:32:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adprovider.dll
[2014.05.15 14:32:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2014.05.15 14:32:51 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cngprovider.dll
[2014.05.15 14:32:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capiprovider.dll
[2014.05.15 14:32:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapiprovider.dll
[2014.05.15 14:32:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wincredprovider.dll
[2014.05.15 14:32:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014.05.14 10:59:51 | 017,938,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2014.05.09 13:00:18 | 000,000,000 | ---D | C] -- C:\Users\Honzík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F.E.A.R. 2

========== Files - Modified Within 30 Days ==========

[2014.06.05 19:01:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.06.05 18:43:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.05 18:34:16 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.06.05 18:13:39 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.05 18:13:39 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.05 18:04:20 | 000,005,065 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI
[2014.06.05 18:03:50 | 000,001,035 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2014.06.05 18:03:50 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.06.05 18:03:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.05 18:03:35 | 2615,320,576 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.05 04:37:26 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2014.06.04 21:15:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honzík\Desktop\OTL.exe
[2014.06.04 20:29:04 | 001,307,088 | ---- | M] () -- C:\Users\Honzík\Desktop\WoWScrnShot_060414_202223.jpg
[2014.06.04 20:11:24 | 001,059,840 | ---- | M] (Farbar) -- C:\Users\Honzík\Desktop\FRST.exe
[2014.06.04 19:44:42 | 000,000,125 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2014.06.04 19:44:08 | 000,000,091 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI
[2014.06.02 20:49:20 | 180,049,268 | ---- | M] () -- C:\Users\Honzík\Desktop\Simpsonovi-25x09-Piráti-ze-Springfieldu.avi
[2014.06.02 20:48:59 | 172,593,010 | ---- | M] () -- C:\Users\Honzík\Desktop\Simpsonovi-25x10-Můj-muž-je-Komiksák.avi
[2014.06.02 18:44:26 | 000,912,633 | ---- | M] () -- C:\Users\Honzík\Desktop\Fotografie0611.jpg
[2014.06.01 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2014.05.30 21:34:32 | 000,552,654 | ---- | M] () -- C:\Users\Honzík\Desktop\WoWScrnShot_053014_213337.jpg
[2014.05.30 18:42:10 | 000,062,768 | ---- | M] () -- C:\Users\Honzík\Desktop\helldiver.jpg
[2014.05.29 21:38:30 | 000,166,826 | ---- | M] () -- C:\Users\Honzík\Desktop\WoWScrnShot_052914_082703.jpg
[2014.05.27 13:52:07 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.05.27 13:52:06 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.05.21 11:15:26 | 000,000,873 | ---- | M] () -- C:\Users\Honzík\Desktop\BitTorrent.lnk
[2014.05.20 23:18:50 | 862,996,178 | ---- | M] () -- C:\Users\Honzík\Desktop\Šimon-a-Matouš-Obchodníci-s-diamanty.avi
[2014.05.20 00:28:18 | 055,189,418 | ---- | M] () -- C:\Users\Honzík\Desktop\19.5.2014.rar
[2014.05.15 21:51:34 | 000,777,488 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014.05.15 21:51:34 | 000,411,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014.05.15 21:51:34 | 000,068,312 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.05.14 10:59:54 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.05.14 10:59:53 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.05.14 10:59:51 | 017,938,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2014.05.12 12:05:02 | 000,026,446 | ---- | M] () -- C:\Users\Honzík\Desktop\10277458_10201512916418853_8685453167723260594_n.jpg
[2014.05.09 09:06:23 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014.05.09 09:04:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014.05.06 19:38:53 | 000,010,453 | ---- | M] () -- C:\Users\Honzík\Desktop\10156027_645416802203598_5866937709176705439_n.jpg

========== Files Created - No Company Name ==========

[2014.06.05 19:01:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.04 20:28:24 | 001,307,088 | ---- | C] () -- C:\Users\Honzík\Desktop\WoWScrnShot_060414_202223.jpg
[2014.06.02 20:29:42 | 172,593,010 | ---- | C] () -- C:\Users\Honzík\Desktop\Simpsonovi-25x10-Můj-muž-je-Komiksák.avi
[2014.06.02 20:29:16 | 180,049,268 | ---- | C] () -- C:\Users\Honzík\Desktop\Simpsonovi-25x09-Piráti-ze-Springfieldu.avi
[2014.06.02 18:44:21 | 000,912,633 | ---- | C] () -- C:\Users\Honzík\Desktop\Fotografie0611.jpg
[2014.05.30 21:34:00 | 000,552,654 | ---- | C] () -- C:\Users\Honzík\Desktop\WoWScrnShot_053014_213337.jpg
[2014.05.30 18:41:56 | 000,062,768 | ---- | C] () -- C:\Users\Honzík\Desktop\helldiver.jpg
[2014.05.29 21:38:13 | 000,166,826 | ---- | C] () -- C:\Users\Honzík\Desktop\WoWScrnShot_052914_082703.jpg
[2014.05.20 21:48:42 | 862,996,178 | ---- | C] () -- C:\Users\Honzík\Desktop\Šimon-a-Matouš-Obchodníci-s-diamanty.avi
[2014.05.20 00:27:10 | 055,189,418 | ---- | C] () -- C:\Users\Honzík\Desktop\19.5.2014.rar
[2014.05.12 12:05:01 | 000,026,446 | ---- | C] () -- C:\Users\Honzík\Desktop\10277458_10201512916418853_8685453167723260594_n.jpg
[2014.05.09 08:29:03 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.09 08:29:02 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.06 19:38:53 | 000,010,453 | ---- | C] () -- C:\Users\Honzík\Desktop\10156027_645416802203598_5866937709176705439_n.jpg
[2014.04.25 09:51:20 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014.01.25 13:53:51 | 001,208,831 | ---- | C] () -- C:\Windows\unins000.exe
[2014.01.25 13:53:51 | 000,036,640 | ---- | C] () -- C:\Windows\unins000.dat
[2013.12.07 23:56:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2013.12.04 19:13:16 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2013.12.04 19:13:13 | 000,654,910 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2013.12.04 19:13:13 | 000,141,728 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2013.12.04 19:13:13 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2013.12.04 18:50:04 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2013.12.04 18:50:02 | 000,419,614 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2013.12.04 18:50:02 | 000,119,638 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2013.12.04 18:50:02 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2013.12.04 17:41:40 | 000,111,310 | ---- | C] () -- C:\Windows\System32\prfi0804.dat
[2013.12.04 17:41:37 | 000,372,360 | ---- | C] () -- C:\Windows\System32\prfh0804.dat
[2013.12.04 17:41:37 | 000,118,846 | ---- | C] () -- C:\Windows\System32\prfc0804.dat
[2013.12.04 17:41:37 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0804.dat
[2013.12.04 17:00:27 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2013.12.04 17:00:25 | 000,407,968 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2013.12.04 17:00:25 | 000,121,354 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2013.12.04 17:00:25 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2013.12.04 16:46:23 | 000,287,518 | ---- | C] () -- C:\Windows\System32\perfi00E.dat
[2013.12.04 16:46:22 | 000,674,944 | ---- | C] () -- C:\Windows\System32\perfh00E.dat
[2013.12.04 16:46:22 | 000,170,528 | ---- | C] () -- C:\Windows\System32\perfc00E.dat
[2013.12.04 16:46:22 | 000,048,094 | ---- | C] () -- C:\Windows\System32\perfd00E.dat
[2013.12.04 16:33:06 | 000,279,790 | ---- | C] () -- C:\Windows\System32\perfi00B.dat
[2013.12.04 16:33:05 | 000,472,692 | ---- | C] () -- C:\Windows\System32\perfh00B.dat
[2013.12.04 16:33:05 | 000,100,774 | ---- | C] () -- C:\Windows\System32\perfc00B.dat
[2013.12.04 16:33:05 | 000,038,258 | ---- | C] () -- C:\Windows\System32\perfd00B.dat
[2013.12.04 16:16:00 | 000,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2013.12.04 16:15:58 | 000,383,534 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2013.12.04 16:15:58 | 000,084,012 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2013.12.04 16:15:58 | 000,032,166 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2013.12.04 15:58:25 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2013.12.04 15:58:23 | 000,734,688 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2013.12.04 15:58:23 | 000,152,356 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2013.12.04 15:58:23 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2013.12.04 15:38:42 | 000,298,300 | ---- | C] () -- C:\Windows\System32\perfi014.dat
[2013.12.04 15:38:39 | 000,485,704 | ---- | C] () -- C:\Windows\System32\perfh014.dat
[2013.12.04 15:38:39 | 000,094,658 | ---- | C] () -- C:\Windows\System32\perfc014.dat
[2013.12.04 15:38:39 | 000,036,156 | ---- | C] () -- C:\Windows\System32\perfd014.dat
[2013.12.04 15:09:44 | 000,369,984 | ---- | C] () -- C:\Windows\System32\perfi008.dat
[2013.12.04 15:09:42 | 000,598,178 | ---- | C] () -- C:\Windows\System32\perfh008.dat
[2013.12.04 15:09:42 | 000,110,382 | ---- | C] () -- C:\Windows\System32\perfc008.dat
[2013.12.04 15:09:42 | 000,045,182 | ---- | C] () -- C:\Windows\System32\perfd008.dat
[2013.12.04 14:40:01 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2013.12.04 14:39:59 | 000,731,236 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2013.12.04 14:39:59 | 000,146,100 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2013.12.04 14:39:59 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2013.12.04 14:23:27 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2013.12.04 14:23:25 | 000,470,204 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2013.12.04 14:23:25 | 000,094,026 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2013.12.04 14:23:25 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2013.12.04 14:05:13 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2013.12.04 14:05:11 | 000,736,906 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2013.12.04 14:05:11 | 000,148,834 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2013.12.04 14:05:11 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2013.12.04 13:51:37 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2013.12.04 13:51:36 | 000,720,208 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2013.12.04 13:51:36 | 000,152,160 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2013.12.04 13:51:36 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2013.12.04 13:41:17 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2013.12.04 13:41:15 | 000,500,604 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2013.12.04 13:41:15 | 000,097,912 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2013.12.04 13:41:15 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2013.12.04 13:29:42 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2013.12.04 13:29:40 | 000,736,646 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2013.12.04 13:29:40 | 000,157,728 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2013.12.04 13:29:40 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2013.12.04 13:17:15 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2013.12.04 13:17:13 | 000,389,532 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2013.12.04 13:17:13 | 000,114,344 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2013.12.04 13:17:13 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2013.12.04 13:04:48 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2013.12.04 13:04:46 | 000,731,548 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2013.12.04 13:04:46 | 000,155,126 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2013.12.04 13:04:46 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2013.12.04 12:52:29 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2013.12.04 12:52:27 | 000,715,790 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2013.12.04 12:52:27 | 000,150,096 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2013.12.04 12:52:27 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2013.12.04 12:39:44 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2013.12.04 12:39:42 | 000,705,070 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2013.12.04 12:39:42 | 000,146,910 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2013.12.04 12:39:42 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2013.12.04 10:43:50 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2013.12.04 10:43:48 | 000,647,872 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2013.12.04 10:43:48 | 000,139,254 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2013.12.04 10:43:48 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2013.12.04 10:43:47 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013.12.04 10:43:45 | 000,688,398 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013.12.04 10:43:45 | 000,148,370 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013.12.04 10:43:45 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2013.12.03 21:22:53 | 000,001,859 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI
[2013.12.03 21:22:39 | 000,000,125 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2013.12.03 21:20:32 | 000,005,065 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI
[2013.12.03 21:20:31 | 000,000,091 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI
[2013.12.03 21:18:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2013.12.03 16:18:40 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013.12.03 16:17:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.12.03 15:39:55 | 001,216,471 | ---- | C] () -- C:\Windows\unins001.exe
[2013.12.03 15:39:55 | 000,044,942 | ---- | C] () -- C:\Windows\unins001.dat
[2013.12.03 15:27:18 | 000,018,944 | ---- | C] ( ) -- C:\Windows\System32\drivers\KYEKBPRO.sys
[2013.12.03 13:28:00 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.12.03 13:27:59 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.12.03 11:33:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.12.03 11:29:22 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.12.03 11:03:46 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2013.12.03 10:48:45 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2013.12.03 10:48:45 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2013.12.03 10:44:29 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.03 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\AVAST Software
[2014.03.23 15:00:47 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\AVG
[2014.06.01 17:45:39 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\BitTorrent
[2014.01.20 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\DAEMON Tools Lite
[2014.02.02 17:45:05 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\KYE Gila
[2014.02.08 10:46:17 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\KYE ImperatorPro
[2014.01.13 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\MaskMyIP
[2014.02.02 17:45:05 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\OBS
[2014.01.25 22:46:02 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Seznam.cz
[2014.05.02 00:41:31 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Spotify
[2014.02.27 18:11:56 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\TeamViewer
[2014.06.02 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\TS3Client
[2013.12.08 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Tunngle
[2013.12.03 23:58:39 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\VitySoft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.12.03 11:45:12 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.01.11 23:27:33 | 000,000,374 | ---- | C] () -- C:\Windows\Tasks\RegCure.job
[2014.01.11 23:27:34 | 000,000,392 | ---- | C] () -- C:\Windows\Tasks\RegCure Program Check.job
[2014.05.09 08:29:02 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.05.09 08:29:03 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 13:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[329 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.03 11:47:47 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Adobe
[2014.03.06 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Ahead
[2013.12.03 11:34:13 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\ATI
[2013.12.03 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\AVAST Software
[2014.03.23 15:00:47 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\AVG
[2014.06.01 17:45:39 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\BitTorrent
[2014.01.20 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\DAEMON Tools Lite
[2014.05.07 22:23:51 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Hamachi
[2013.12.03 10:40:26 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Identities
[2014.02.02 17:45:05 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\KYE Gila
[2014.02.08 10:46:17 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\KYE ImperatorPro
[2013.12.03 11:47:48 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Macromedia
[2014.01.13 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\MaskMyIP
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Media Center Programs
[2014.04.03 20:53:26 | 000,000,000 | --SD | M] -- C:\Users\Honzík\AppData\Roaming\Microsoft
[2013.12.03 13:05:12 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Mozilla
[2014.02.02 17:45:05 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\OBS
[2014.01.25 22:46:02 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Seznam.cz
[2014.06.05 19:44:29 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Skype
[2014.05.02 00:41:31 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Spotify
[2014.02.27 18:11:56 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\TeamViewer
[2014.06.02 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\TS3Client
[2013.12.08 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Tunngle
[2013.12.03 23:58:39 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\VitySoft
[2014.06.05 18:54:45 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\vlc
[2014.02.08 10:46:17 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\Winamp
[2013.12.03 12:14:41 | 000,000,000 | ---D | M] -- C:\Users\Honzík\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.05.21 11:15:26 | 001,242,704 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honzík\AppData\Roaming\BitTorrent\BitTorrent.exe
[2013.12.03 23:24:29 | 001,137,240 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honzík\AppData\Roaming\BitTorrent\updates\7.8.2_30265.exe
[2013.12.03 23:25:03 | 000,895,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honzík\AppData\Roaming\BitTorrent\updates\7.8.2_30332.exe
[2014.04.28 22:10:33 | 001,240,664 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honzík\AppData\Roaming\BitTorrent\updates\7.9.1_30889.exe
[2014.05.21 11:14:48 | 001,242,704 | ---- | M] (BitTorrent Inc.) -- C:\Users\Honzík\AppData\Roaming\BitTorrent\updates\7.9.1_31141.exe
[2014.05.21 21:23:24 | 000,155,648 | ---- | M] (obsproject.com) -- C:\Users\Honzík\AppData\Roaming\OBS\updates\updater.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Honzík\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.04.23 16:35:56 | 001,266,688 | ---- | M] () -- C:\Users\Honzík\AppData\Roaming\Seznam.cz\sznsetup-lt.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Honzík\AppData\Roaming\Seznam.cz\sznsetup.exe
[2014.04.28 12:25:14 | 006,087,224 | ---- | M] (Spotify Ltd) -- C:\Users\Honzík\AppData\Roaming\Spotify\spotify.exe
[2014.04.28 12:25:14 | 000,061,496 | ---- | M] (Spotify Ltd) -- C:\Users\Honzík\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014.04.28 12:25:11 | 000,602,680 | ---- | M] () -- C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014.04.28 12:25:11 | 001,171,000 | ---- | M] (Spotify Ltd) -- C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.06.05 19:43:32 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.06.05 18:03:50 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.06.05 19:34:05 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.06.01 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2014.06.05 04:37:26 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\RegCure.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2013.12.03 15:46:44 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.06.05 18:13:39 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.05 18:13:39 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.05 18:03:50 | 000,001,035 | ---- | M] () -- C:\Windows\system32\bscs.ini
[2014.06.04 19:44:08 | 000,000,091 | ---- | M] () -- C:\Windows\system32\LOCALDEVICE.INI
[2014.06.05 18:04:20 | 000,005,065 | ---- | M] () -- C:\Windows\system32\LOCALSERVICE.INI
[2014.06.04 19:44:42 | 000,000,125 | ---- | M] () -- C:\Windows\system32\REMOTEDEVICE.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Spotify Web Helper" = "C:\Users\Honzík\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -- [2014.04.28 12:25:11 | 001,171,000 | ---- | M] (Spotify Ltd)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.02.10 18:46:14 | 020,922,016 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.05.10 01:44:32 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=0DA891CB0703D912CEAFA072F54D002B -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.03.08 03:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.05.14 01:40:56 | 000,860,488 | ---- | M] (Google Inc.) MD5=1620FE36666F4BBC2314B7F360FB1965 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.06.05 19:01:13 | 000,000,512 | ---- | M] () MD5=5C463DBAC5472075579482DDA21FB183 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.08.06 23:23:48 | 000,000,403 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010.08.06 23:23:48 | 000,020,362 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010.08.06 23:23:48 | 000,020,539 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010.08.06 23:23:48 | 000,019,081 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010.08.07 00:00:56 | 000,013,009 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010.08.27 07:33:12 | 000,014,477 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010.08.06 23:50:20 | 000,094,462 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010.08.27 07:33:24 | 000,065,436 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010.08.06 23:50:02 | 000,000,932 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010.08.06 23:50:02 | 000,016,101 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010.08.06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010.08.06 23:50:02 | 000,016,053 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010.08.06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010.08.06 23:50:04 | 000,000,410 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010.08.06 23:50:02 | 000,000,933 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010.08.06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010.08.06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010.08.06 23:50:04 | 000,000,409 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010.08.06 23:50:02 | 000,174,904 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010.08.06 23:49:16 | 000,062,915 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010.08.27 07:33:40 | 000,037,741 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010.08.06 23:48:40 | 000,019,532 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010.08.27 07:33:50 | 000,017,545 | ---- | M] () -- \Program Files\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2013.12.03 23:58:45 | 000,005,592 | ---- | M] () -- \Users\Honzík\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2014.03.15 18:42:39 | 000,012,116 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrack.cfx
[2014.03.15 18:42:43 | 000,012,168 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackalphatest.cfx
[2014.03.15 18:42:43 | 000,012,536 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
[2014.03.15 18:42:45 | 000,013,084 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,012,436 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
[2014.03.15 18:42:45 | 000,012,720 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackalphatestshadow.cfx
[2014.03.15 18:42:39 | 000,012,484 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcracklightmap.cfx
[2014.03.15 18:42:41 | 000,013,032 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcracklightmapshadow.cfx
[2014.03.15 18:42:40 | 000,012,720 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrack.cfx
[2014.03.15 18:42:44 | 000,012,756 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2014.03.15 18:42:44 | 000,013,096 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2014.03.15 18:42:46 | 000,013,672 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,012,816 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2014.03.15 18:42:46 | 000,013,348 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2014.03.15 18:42:40 | 000,013,060 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2014.03.15 18:42:42 | 000,013,636 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2014.03.15 18:42:40 | 000,012,880 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetail.cfx
[2014.03.15 18:42:44 | 000,012,916 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatest.cfx
[2014.03.15 18:42:44 | 000,013,256 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmap.cfx
[2014.03.15 18:42:47 | 000,013,832 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,012,940 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestpointlight.cfx
[2014.03.15 18:42:46 | 000,013,508 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestshadow.cfx
[2014.03.15 18:42:40 | 000,013,220 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmap.cfx
[2014.03.15 18:42:42 | 000,013,796 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmapshadow.cfx
[2014.03.15 18:42:43 | 000,012,904 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailpointlight.cfx
[2014.03.15 18:42:42 | 000,013,472 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailshadow.cfx
[2014.03.15 18:42:43 | 000,012,780 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2014.03.15 18:42:42 | 000,013,312 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2014.03.15 18:42:42 | 000,012,400 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackpointlight.cfx
[2014.03.15 18:42:41 | 000,012,668 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetailcrackshadow.cfx
[2014.03.15 18:42:39 | 000,012,296 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrack.cfx
[2014.03.15 18:42:43 | 000,012,348 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackalphatest.cfx
[2014.03.15 18:42:43 | 000,012,716 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
[2014.03.15 18:42:45 | 000,013,264 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,012,612 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
[2014.03.15 18:42:45 | 000,012,900 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
[2014.03.15 18:42:39 | 000,012,664 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcracklightmap.cfx
[2014.03.15 18:42:41 | 000,013,212 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
[2014.03.15 18:42:40 | 000,012,900 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2014.03.15 18:42:44 | 000,012,936 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2014.03.15 18:42:44 | 000,013,276 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2014.03.15 18:42:46 | 000,013,852 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,012,996 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2014.03.15 18:42:46 | 000,013,528 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2014.03.15 18:42:40 | 000,013,240 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2014.03.15 18:42:42 | 000,013,816 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2014.03.15 18:42:40 | 000,013,060 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetail.cfx
[2014.03.15 18:42:44 | 000,013,096 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatest.cfx
[2014.03.15 18:42:45 | 000,013,436 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmap.cfx
[2014.03.15 18:42:47 | 000,014,012 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
[2014.03.15 18:42:47 | 000,013,120 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestpointlight.cfx
[2014.03.15 18:42:47 | 000,013,688 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestshadow.cfx
[2014.03.15 18:42:40 | 000,013,400 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmap.cfx
[2014.03.15 18:42:42 | 000,013,976 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmapshadow.cfx
[2014.03.15 18:42:43 | 000,013,084 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailpointlight.cfx
[2014.03.15 18:42:42 | 000,013,652 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailshadow.cfx
[2014.03.15 18:42:43 | 000,012,960 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2014.03.15 18:42:42 | 000,013,492 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2014.03.15 18:42:42 | 000,012,576 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackpointlight.cfx
[2014.03.15 18:42:41 | 000,012,848 | ---- | M] () -- \Users\Honzík\Documents\Battlefield 2\mods\bf2\cache\{D7B71EE2-2419-11CF-B070-99C1BEC2C535}_2442_3\rashaderstmbasedetaildirtcrackshadow.cfx

< *keygen* /s >

< *loader* /s >
[2010.08.24 18:23:59 | 000,071,008 | ---- | M] () -- \Program Files\2K Games\Mafia II\pc\PhysXLoader.dll
[2014.04.25 09:51:05 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2007.03.12 14:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.10.13 00:06:53 | 000,132,096 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\Binaries\loader.dll
[2010.09.02 05:45:20 | 000,065,536 | ---- | M] () -- \Program Files\Electronic Arts\Medal of Honor\Binaries\PhysXLocal\PhysXLoader.dll
[2013.12.18 22:04:09 | 000,175,016 | ---- | M] () -- \Program Files\Java\jre7\launch4j-tmp\Free Rapid Downloader.exe
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2006.12.23 18:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2014.06.01 08:40:55 | 000,001,980 | ---- | M] () -- \Users\Honzík\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\51H803D6\AdLoader[1].htm
[2014.05.30 17:01:03 | 000,001,980 | ---- | M] () -- \Users\Honzík\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJ51K88Z\AdLoader[1].htm
[2014.05.30 13:30:42 | 000,017,912 | ---- | M] () -- \Users\Honzík\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAZNU9S5\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.06.04 04:20:51 | 000,001,980 | ---- | M] () -- \Users\Honzík\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAZNU9S5\AdLoader[1].htm
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Honzík\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Honzík\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Honzík\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Honzík\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Honzík\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.23 16:35:56 | 000,031,516 | ---- | M] () -- \Users\Honzík\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.12.03 23:58:32 | 000,001,242 | ---- | M] () -- \Users\Honzík\Desktop\Free Rapid Downloader – zástupce.lnk
[2013.09.15 21:50:00 | 000,035,840 | ---- | M] () -- \Users\Honzík\Desktop\FreeRapid-0.9u3\Free Rapid Downloader.exe
[2013.12.03 12:11:32 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.06.02 20:27:07 | 000,012,740 | ---- | M] () -- \Windows\Prefetch\FREE RAPID DOWNLOADER.EXE-0BDA892C.pf
[2014.06.02 20:27:19 | 000,219,052 | ---- | M] () -- \Windows\Prefetch\FREE RAPID DOWNLOADER.EXE-746363A3.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest

[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2013.12.04 13:40:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_d052a4f454a30b85.manifest
[2013.12.04 13:40:17 | 000,034,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_d052a4f454a30b85_winload.exe.mui_3bc5b827
[2013.12.04 13:40:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_d052a4f454a30b85_winresume.exe.mui_ff8b5358
[2013.12.04 01:17:18 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2013.12.04 01:17:18 | 000,035,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winload.exe.mui_3bc5b827
[2013.12.04 01:17:18 | 000,030,800 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winresume.exe.mui_ff8b5358
[2013.12.04 15:08:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_761467c3458ec8ad.manifest
[2013.12.04 15:08:42 | 000,036,944 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_761467c3458ec8ad_winload.exe.mui_3bc5b827
[2013.12.04 15:08:42 | 000,031,312 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_761467c3458ec8ad_winresume.exe.mui_ff8b5358
[2013.12.04 00:41:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2013.12.04 00:41:06 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2013.12.04 00:41:06 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2013.12.04 13:28:25 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_763a6d0d457e5d89.manifest
[2013.12.04 13:28:25 | 000,035,408 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_763a6d0d457e5d89_winload.exe.mui_3bc5b827
[2013.12.04 13:28:25 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_763a6d0d457e5d89_winresume.exe.mui_ff8b5358
[2013.12.04 14:04:01 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb.manifest
[2013.12.04 14:04:01 | 000,035,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb_winload.exe.mui_3bc5b827
[2013.12.04 14:04:01 | 000,030,784 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb_winresume.exe.mui_ff8b5358
[2013.12.04 16:45:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_606263541cb04307.manifest
[2013.12.04 16:45:17 | 000,035,392 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_606263541cb04307_winload.exe.mui_3bc5b827
[2013.12.04 16:45:17 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_606263541cb04307_winresume.exe.mui_ff8b5358
[2013.12.04 14:38:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_it-it_0319d9530f825969.manifest
[2013.12.04 14:38:49 | 000,035,408 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_it-it_0319d9530f825969_winload.exe.mui_3bc5b827
[2013.12.04 14:38:49 | 000,030,800 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_it-it_0319d9530f825969_winresume.exe.mui_ff8b5358
[2013.12.04 16:58:52 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44.manifest
[2013.12.04 16:58:52 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44_winload.exe.mui_3bc5b827
[2013.12.04 16:58:52 | 000,026,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44_winresume.exe.mui_ff8b5358
[2013.12.04 18:48:52 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_48a93514f50e325a.manifest
[2013.12.04 18:48:52 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_48a93514f50e325a_winload.exe.mui_3bc5b827
[2013.12.04 18:48:52 | 000,027,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_48a93514f50e325a_winresume.exe.mui_ff8b5358
[2013.12.04 15:37:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_313bb649cd335e16.manifest
[2013.12.04 15:37:36 | 000,034,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_313bb649cd335e16_winload.exe.mui_3bc5b827
[2013.12.04 15:37:36 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_313bb649cd335e16_winresume.exe.mui_ff8b5358
[2013.12.04 15:56:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb.manifest
[2013.12.04 15:56:51 | 000,035,392 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb_winload.exe.mui_3bc5b827
[2013.12.04 15:56:51 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb_winresume.exe.mui_ff8b5358
[2013.12.04 13:03:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_75b75c09b381d59f.manifest
[2013.12.04 13:03:43 | 000,035,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_75b75c09b381d59f_winload.exe.mui_3bc5b827
[2013.12.04 13:03:43 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_75b75c09b381d59f_winresume.exe.mui_ff8b5358
[2013.12.04 12:38:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_780b46adb20b6983.manifest
[2013.12.04 12:38:10 | 000,035,408 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_780b46adb20b6983_winload.exe.mui_3bc5b827
[2013.12.04 12:38:10 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_780b46adb20b6983_winresume.exe.mui_ff8b5358
[2013.12.04 13:50:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f.manifest
[2013.12.04 13:50:24 | 000,035,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f_winload.exe.mui_3bc5b827
[2013.12.04 13:50:24 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f_winresume.exe.mui_ff8b5358
[2013.12.04 12:51:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b.manifest
[2013.12.04 12:51:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b_winload.exe.mui_3bc5b827
[2013.12.04 12:51:20 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b_winresume.exe.mui_ff8b5358
[2013.12.04 19:11:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_5b8b12528d8571e6.manifest
[2013.12.04 19:11:45 | 000,034,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_5b8b12528d8571e6_winload.exe.mui_3bc5b827
[2013.12.04 19:11:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_5b8b12528d8571e6_winresume.exe.mui_ff8b5358
[2013.12.04 00:49:35 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_04985c997c4173d7.manifest
[2013.12.04 00:49:35 | 000,033,872 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_04985c997c4173d7_winload.exe.mui_3bc5b827
[2013.12.04 00:49:35 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_04985c997c4173d7_winresume.exe.mui_ff8b5358
[2013.12.04 13:15:52 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-hk_d4a073252d54b886.manifest
[2013.12.04 13:15:52 | 000,028,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-hk_d4a073252d54b886_winload.exe.mui_3bc5b827
[2013.12.04 13:15:52 | 000,026,176 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-hk_d4a073252d54b886_winresume.exe.mui_ff8b5358
[2013.12.04 16:31:51 | 000,002,838 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2013.12.04 16:31:51 | 000,034,880 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d_winload.exe.mui_3bc5b827
[2013.12.04 16:31:51 | 000,030,080 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d_winresume.exe.mui_ff8b5358
[2013.12.04 17:40:19 | 000,002,838 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2013.12.04 17:40:19 | 000,028,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990_winload.exe.mui_3bc5b827
[2013.12.04 17:40:19 | 000,026,496 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990_winresume.exe.mui_ff8b5358
[2013.12.03 18:57:43 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2013.12.03 18:57:43 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2013.12.03 18:57:43 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.13 19:52:48 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_da-dk_d052a4f454a30b85.manifest
[2009.07.13 19:59:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2009.07.13 19:57:28 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_el-gr_761467c3458ec8ad.manifest
[2009.07.13 19:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.13 19:54:18 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_763a6d0d457e5d89.manifest
[2009.07.13 19:57:16 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fi-fi_155571ba3a984fb3.manifest
[2009.07.13 19:59:56 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_18f1e30c385073eb.manifest
[2009.07.13 19:55:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_hu-hu_606263541cb04307.manifest
[2009.07.13 19:54:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_it-it_0319d9530f825969.manifest
[2009.07.13 22:07:04 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_a53f5860029d6b44.manifest
[2009.07.13 21:13:38 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ko-kr_48a93514f50e325a.manifest
[2009.07.13 19:57:30 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nb-no_313bb649cd335e16.manifest
[2009.07.13 19:59:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb.manifest
[2009.07.13 19:59:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_75b75c09b381d59f.manifest
[2009.07.13 19:59:10 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_780b46adb20b6983.manifest
[2009.07.13 19:56:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f.manifest
[2009.07.13 19:59:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ru-ru_bf9027dd965c678b.manifest
[2009.07.13 19:55:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_sv-se_5b8b12528d8571e6.manifest
[2009.07.13 19:59:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_tr-tr_04985c997c4173d7.manifest
[2009.07.13 21:12:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-cn_d5f57a972c7945f6.manifest
[2009.07.13 19:49:16 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_zh-hk_d4a073252d54b886.manifest
[2010.11.20 08:28:20 | 000,002,838 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010.11.20 08:38:52 | 000,002,838 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2010.11.20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Když je tedy váš operační systém legální, co tam dělá aktivátor, který obchází aktivaci a registraci legálního OS?

Rudy píše:který obchází aktivaci a registraci legálního OS?

tady tomu nerozumim. win sem osobne aktivoval jak sem delal v prosinci format tak sem sam osobne delal aktivaci. Bo mam doma Cd win 7 ktere sem zakoupil v alze. Nemuze jit o nejaky podvod nebo nejakou havet ktera by toto zpusobovala? Bo jako moc se mi nechce verit ze by me okradli v alze

Je tam, ať už tomu věříte, nebo ne. Verze OS, kterou v PC máte stála svého času na trhu kolem 6000Kč a pochybuji, že by si ji platil home user, když má možnost si pořídit OEM verzi za cca 40% této ceny. Proto jsem si váš systém hloubkově prověřil.

no v alze sem za nej tehda daval 5400kc, doprdele. Tak sem se krasne ais nechal posekat ze. to fakt ze me v takovem obchode jako posekaji to je skvely.... A fakt neexistuje nejaka havet ktera by toto prepisovala nebo nejaky vir, kterej by zpusoboval ze to pise ze mam nelegalni system?

Ano, ten aktivátor je svým způsobem virus. Ten, kdo systém instaloval, ho spustil úmyslně. Pokud by se tak nestalo, systém by se po 30ti dnech od instalace zablokoval. Legální OS se aktivuje přes internet sám, u toho nelgálního se to dělá právě tímto aktivátorem. Neboli - v legálním OS tento aktivátor není.

vsak ja sem sam osobne instaloval tento os v zacatkem prosince a instaloval sem to z CD, a aktivoval sem ho takze ja osobne sem toto urcite nedelal, sakris. tak sem se na vecer krasne nasral. bo sem se dozvedel ze me nekdo osidil nebo posekal. Tak bych vas chtel poprosit(jelikos znam pravidla fora, a verit mi to nejspis nebudete ze sem si fakt koupil legal os za velkej balik penez) poradit nejaku ulitu ktera by mi ten pc udrzela nez budu moct po vyplate zajit koupit novej win? sem na pc docela zavislej(ne pracovne ale osobni vyuziti)

Tak to je mi líto. Pokud jste si sám systém instaloval z legálního instal. DVD, potom nevím, kde se tam vzal ten aktivátor. Ten se totiž spouští zvlášť (není součástí instal. disku - ani toho nelegálního). Věřte, že nemám zájem někoho poškodit a tvrdit mu, že nemá legální OS, kdyby to nebyla pravda, já jen jednám v souladu s pravidly fóra, na jejichž tvorbě jsem se podílel. A ta deklarují, že se nelegálními systémy nezabýváme.