VIRY.CZ

prosím o kontrolu logu- ve správci úloh se mě objevuje run32.dll a bere skoro 100% prostředků.Compje pak dost pomalý.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jarmila at 2014-06-06 09:48:20
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (10%) free of 119 GB
Total RAM: 2939 MB (31% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WebIE.dll [2014-05-04 643072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-06 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WebIE.dll [2014-05-04 643072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-16 172088]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-16 173624]
"RUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-06 3873704]
"Toshiba TEMPRO"=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"20140526"=C:\Program Files\AVAST Software\Avast\setup\emupdate\e60f69e0-a625-4979-a79c-c059d2049ac6.exe [2014-05-27 182720]
"20140529"=C:\Program Files\AVAST Software\Avast\setup\emupdate\ad16c581-c6fa-4f6c-aab4-2c094d5cb845.exe [2014-05-31 183208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"= []
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
"Process Liquidator"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series (kopie 1)]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [2008-09-26 199680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GIGABYTEMOUSE]
C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [2009-11-26 1278464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-11-16 172088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-11-16 138808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-11-16 173624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 12017368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-08-15 614400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\SideBar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20924064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall0001]
C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe [2014-04-13 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB2Check]
C:\Windows\system32\PCLECoInst.dll [2007-02-20 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 11.lnk]
C:\PROGRA~1\TECHSM~1\SNAGIT~1\Snagit32.exe [2013-12-18 9894256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jarmila^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Jarmila\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-03-19 32667896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jarmila^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 11.lnk - C:\Program Files\TechSmith\Snagit 11\Snagit32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit -
.js - open - "C:\Program Files\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe" /OPEN("%1")

======List of files/folders created in the last 1 months======

2014-06-06 09:48:20 ----D---- C:\rsit
2014-06-05 09:35:20 ----D---- C:\ProgramData\Informer Technologies, Inc
2014-06-05 09:34:58 ----D---- C:\Users\Jarmila\AppData\Roaming\Software Informer
2014-06-05 09:34:58 ----D---- C:\Program Files\Software Informer
2014-06-05 09:07:30 ----A---- C:\Windows\system32\javaws.exe
2014-06-05 09:07:11 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-06-05 09:07:11 ----A---- C:\Windows\system32\javaw.exe
2014-06-05 09:07:11 ----A---- C:\Windows\system32\java.exe
2014-06-02 19:11:18 ----D---- C:\Program Files\Abrosoft
2014-05-31 17:40:44 ----D---- C:\Users\Jarmila\AppData\Roaming\XBMC
2014-05-31 17:37:41 ----D---- C:\Program Files\XBMC
2014-05-31 17:14:26 ----D---- C:\Users\Jarmila\AppData\Roaming\VitySoft
2014-05-26 11:44:32 ----SHD---- C:\Windows\system32\AI_RecycleBin
2014-05-26 08:08:20 ----D---- C:\Program Files\CCleaner
2014-05-23 15:22:37 ----D---- C:\ProgramData\Xilisoft
2014-05-23 15:22:37 ----D---- C:\Program Files\Xilisoft
2014-05-22 22:32:46 ----D---- C:\Program Files\Avidemux 2.6
2014-05-22 22:16:02 ----D---- C:\Users\Jarmila\AppData\Roaming\avidemux
2014-05-22 18:55:28 ----D---- C:\Program Files\XviD
2014-05-22 18:53:41 ----D---- C:\Program Files\Gabest
2014-05-18 10:03:02 ----D---- C:\Program Files\Wondershare
2014-05-14 12:01:04 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 11:56:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 11:56:18 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 09:38:36 ----A---- C:\Windows\system32\shell32.dll
2014-05-13 12:40:42 ----A---- C:\Windows\AviSplitter.INI
2014-05-08 07:37:19 ----D---- C:\The KMPlayer

======List of files/folders modified in the last 1 months======

2014-06-06 09:48:23 ----D---- C:\Program Files\trend micro
2014-06-06 09:48:22 ----D---- C:\Windows\Prefetch
2014-06-06 09:35:41 ----D---- C:\Users\Jarmila\AppData\Roaming\Skype
2014-06-06 08:56:20 ----D---- C:\Windows\temp
2014-06-06 08:33:39 ----D---- C:\Users\Jarmila\AppData\Roaming\uTorrent
2014-06-05 18:09:52 ----D---- C:\Program Files\rajce
2014-06-05 16:07:49 ----D---- C:\Windows
2014-06-05 16:07:09 ----D---- C:\Windows\inf
2014-06-05 11:39:37 ----D---- C:\Windows\system32\Tasks
2014-06-05 09:35:20 ----D---- C:\ProgramData
2014-06-05 09:34:58 ----D---- C:\Program Files
2014-06-05 09:23:34 ----D---- C:\Users\Jarmila\AppData\Roaming\Vso
2014-06-05 09:22:48 ----D---- C:\Windows\Logs
2014-06-05 09:11:30 ----SHD---- C:\System Volume Information
2014-06-05 09:07:54 ----D---- C:\ProgramData\Oracle
2014-06-05 09:07:48 ----SHD---- C:\Windows\Installer
2014-06-05 09:07:47 ----D---- C:\Program Files\Common Files\Java
2014-06-05 09:07:30 ----AD---- C:\Windows\System32
2014-06-02 15:38:19 ----D---- C:\Windows\system32\drivers
2014-06-01 14:07:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-28 19:00:46 ----D---- C:\Program Files\VideoLAN
2014-05-26 08:09:54 ----D---- C:\Windows\Debug
2014-05-25 12:08:31 ----D---- C:\AdwCleaner
2014-05-24 22:38:47 ----D---- C:\Users\Jarmila\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2014-05-23 08:09:16 ----A---- C:\Users\Jarmila\AppData\Roaming\JARIS.MTBF.txt
2014-05-22 21:37:44 ----D---- C:\FFOutput
2014-05-22 09:30:17 ----D---- C:\Windows\Microsoft.NET
2014-05-22 09:27:58 ----RSD---- C:\Windows\assembly
2014-05-16 22:55:46 ----D---- C:\Users\Jarmila\AppData\Roaming\TeamViewer
2014-05-16 16:08:13 ----D---- C:\Windows\winsxs
2014-05-15 16:35:40 ----D---- C:\Windows\system32\catroot2
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\CamShapes.ini
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\CamLayout.ini
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\Camdata.ini
2014-05-14 12:12:02 ----D---- C:\Windows\system32\MRT
2014-05-14 12:02:08 ----A---- C:\Windows\system32\mrt.exe
2014-05-14 12:01:28 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 12:01:04 ----D---- C:\Program Files\Common Files
2014-05-14 11:56:49 ----D---- C:\Windows\system32\catroot
2014-05-13 23:03:18 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-13 13:06:01 ----D---- C:\Program Files\MP3Resizer
2014-05-13 13:02:22 ----D---- C:\Users\Jarmila\AppData\Roaming\Audacity
2014-05-12 17:24:33 ----AD---- C:\Windows\OEMDrv
2014-05-11 22:15:21 ----D---- C:\Program Files\Mozilla Firefox
2014-05-07 08:01:01 ----D---- C:\Program Files\SamsungPrinterLiveUpdate
2014-05-07 00:00:02 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-05-07 57672]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-07 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-07 67824]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 5120]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2000-01-01 2888536]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-04-17 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2000-01-01 363112]
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys [2000-01-01 347648]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2012-08-27 91016]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2012-08-27 181128]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 38400]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-07-27 145152]
S3 LAN7500;LAN7500 USB 2.0 to Ethernet 10/100/1000 Adapter Service; C:\Windows\system32\DRIVERS\lan7500-x86-n60f.sys [2013-11-06 73728]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2009-05-01 495768]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB; C:\Windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-03-11 63488]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\Windows\system32\DRIVERS\SE31bus.sys [2006-05-01 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\SE31mdfl.sys [2006-05-01 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\SE31mdm.sys [2006-05-01 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\SE31mgmt.sys [2006-05-01 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS); C:\Windows\system32\DRIVERS\se31nd5.sys [2006-05-01 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\SE31obex.sys [2006-05-01 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM); C:\Windows\system32\DRIVERS\se31unic.sys [2006-05-01 90800]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-04-15 13464]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-06 50344]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
R4 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-11-21 9216]
S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-15 68096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

zde log:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.06.07.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jarmila :: JARIS [administrátor]

Ochrana: Zakázána

7.6.2014 18:00:08
mbam-log-2014-06-07 (18-00-08).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM | P2P
Nastavení kontroly zakázáno:
Kontrolované objekty: 440155
Uplynulý čas: 1 hodin, 48 minut, 43 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Jarmila\Downloads\Stažené soubory\Torso_The_Evelyn_Dick_Story_2002_avi(1).exe (PUP.Optional.OneClickDownloader.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Jarmila\Downloads\Stažené soubory\Torso_The_Evelyn_Dick_Story_2002_avi.exe.part (PUP.Optional.OneClickDownloader.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Jarmila\Downloads\Stažené soubory\[HIGHSPEED]_Abrosoft_FantaMorph_Deluxe_5.3.6.exe (PUP.Optional.OneClickDownloader.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Jarmila\Downloads\Stažené soubory\FaceMorpherSetup.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.

(konec)

Nalezy nechte odstranit, pak muzete MBAM odinstalovat.

Najdete ten problemovy run32.dll a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

adwcleaner dělám pravidelně.dělal jsem to i před několika dny.ten run32.dll nemohu nikde najít.Je dost možné že ho adwcleaner před těma několika dny už odstranil?Ale nemohu najít ten aktuální výpis adwcleaner*?.txt.Mám to udělat s tím adwcleanerem opět znova i když už ten run32dll není k nalezení?Díky

jarda.otta píše:Mám to udělat s tím adwcleanerem opět znova i když už ten run32dll není k nalezení?

Ano, spustte ho znovu.

zde výpis:

# AdwCleaner v3.212 - Report created 08/06/2014 at 22:37:05
# Updated 05/06/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Jarmila - JARIS
# Running from : C:\Users\Jarmila\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\prefs.js ]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R10].txt - [1152 octets] - [15/03/2014 15:00:33]
AdwCleaner[R11].txt - [1905 octets] - [09/04/2014 23:21:30]
AdwCleaner[R12].txt - [1152 octets] - [13/04/2014 18:44:56]
AdwCleaner[R13].txt - [1435 octets] - [18/04/2014 02:05:32]
AdwCleaner[R14].txt - [3503 octets] - [05/05/2014 07:46:11]
AdwCleaner[R15].txt - [1527 octets] - [25/05/2014 12:07:49]
AdwCleaner[R16].txt - [1582 octets] - [08/06/2014 22:27:06]
AdwCleaner[S10].txt - [2028 octets] - [09/04/2014 23:23:07]
AdwCleaner[S11].txt - [1215 octets] - [13/04/2014 18:48:59]
AdwCleaner[S12].txt - [1501 octets] - [18/04/2014 02:07:10]
AdwCleaner[S13].txt - [3649 octets] - [05/05/2014 07:49:16]
AdwCleaner[S14].txt - [1442 octets] - [08/06/2014 22:37:05]
AdwCleaner[S9].txt - [1234 octets] - [15/03/2014 15:01:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [1563 octets] ##########

Objevil se jeste ten soubor? Je pocitac jeste vytizeny?

Aktualizujem skener
Smazte RSIT a slozku C:\Program Files\trend micro , pokud ji najdete.
Pak stahnete nove RSIT http://images.malwareremoval.com/random/RSIT.exe a dejte log z nej.

ten soubor se už neobjevil a vytíženost dobrá.dle spuštěného software.tak ncca 15-40.rsit dám.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jarmila at 2014-06-09 18:36:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (11%) free of 119 GB
Total RAM: 2939 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:36:59, on 9.6.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files\TechSmith\Snagit 11\TSCHelp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre7\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Java\jre7\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\Explorer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jarmila\Downloads\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Jarmila.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 81.27.195.6:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: Kód:
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Snagit 11.lnk = C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

--
End of file - 8868 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPNXCatcher(Audio).dll
NPNXCatcher(Video).dll
NPNXCatcher.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
Read Me.txt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\extensions\
btpersonas@brandthunder.com
support@lastpass.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}

C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\
filmova-databaze-fdbcz.xml
firmycz.xml
mapycz.xml
vyhledvn-vide-ve-slub-youtube.xml
wwwslovnik-cizich-slovcz.xml
yahoo.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WebIE.dll [2014-05-04 643072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-06 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WebIE.dll [2014-05-04 643072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-16 172088]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-16 173624]
"RUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-07 3890208]
"Toshiba TEMPRO"=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-08-15 614400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"= []
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]
"Process Liquidator"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series (kopie 1)]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [2008-09-26 199680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GIGABYTEMOUSE]
C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [2009-11-26 1278464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-11-16 172088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-11-16 138808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-11-16 173624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 12017368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2009-08-15 614400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\SideBar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20924064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall0001]
C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe [2014-04-13 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB2Check]
C:\Windows\system32\PCLECoInst.dll [2007-02-20 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 11.lnk]
C:\PROGRA~1\TECHSM~1\SNAGIT~1\Snagit32.exe [2013-12-18 9894256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jarmila^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Jarmila\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-03-19 32667896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jarmila^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 11.lnk - C:\Program Files\TechSmith\Snagit 11\Snagit32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.pDAD"=prodad-codec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit -
.js - open - "C:\Program Files\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe" /OPEN("%1")

======List of files/folders created in the last 1 month======

2014-06-09 18:36:43 ----D---- C:\Program Files\trend micro
2014-06-07 15:07:02 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-06-06 10:28:18 ----D---- C:\Users\Jarmila\AppData\Roaming\Windows Live Writer
2014-06-06 09:48:20 ----D---- C:\rsit
2014-06-05 09:35:20 ----D---- C:\ProgramData\Informer Technologies, Inc
2014-06-05 09:34:58 ----D---- C:\Users\Jarmila\AppData\Roaming\Software Informer
2014-06-05 09:34:58 ----D---- C:\Program Files\Software Informer
2014-06-05 09:07:30 ----A---- C:\Windows\system32\javaws.exe
2014-06-05 09:07:11 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-06-05 09:07:11 ----A---- C:\Windows\system32\javaw.exe
2014-06-05 09:07:11 ----A---- C:\Windows\system32\java.exe
2014-06-02 19:11:18 ----D---- C:\Program Files\Abrosoft
2014-05-31 17:40:44 ----D---- C:\Users\Jarmila\AppData\Roaming\XBMC
2014-05-31 17:37:41 ----D---- C:\Program Files\XBMC
2014-05-31 17:14:26 ----D---- C:\Users\Jarmila\AppData\Roaming\VitySoft
2014-05-26 11:44:32 ----SHD---- C:\Windows\system32\AI_RecycleBin
2014-05-26 08:08:20 ----D---- C:\Program Files\CCleaner
2014-05-23 15:22:37 ----D---- C:\ProgramData\Xilisoft
2014-05-23 15:22:37 ----D---- C:\Program Files\Xilisoft
2014-05-22 22:32:46 ----D---- C:\Program Files\Avidemux 2.6
2014-05-22 22:16:02 ----D---- C:\Users\Jarmila\AppData\Roaming\avidemux
2014-05-22 18:55:28 ----D---- C:\Program Files\XviD
2014-05-22 18:53:41 ----D---- C:\Program Files\Gabest
2014-05-18 10:03:02 ----D---- C:\Program Files\Wondershare
2014-05-14 12:01:04 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 11:56:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 11:56:18 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 09:38:36 ----A---- C:\Windows\system32\shell32.dll
2014-05-13 12:40:42 ----A---- C:\Windows\AviSplitter.INI

======List of files/folders modified in the last 1 month======

2014-06-09 18:36:57 ----D---- C:\Windows\Prefetch
2014-06-09 18:36:43 ----D---- C:\Program Files
2014-06-09 18:36:38 ----D---- C:\Windows\temp
2014-06-09 14:24:28 ----D---- C:\Users\Jarmila\AppData\Roaming\XnView
2014-06-08 22:37:11 ----D---- C:\AdwCleaner
2014-06-08 22:20:29 ----D---- C:\The KMPlayer
2014-06-08 22:19:28 ----D---- C:\Users\Jarmila\AppData\Roaming\Skype
2014-06-08 20:48:44 ----SHD---- C:\System Volume Information
2014-06-08 20:47:19 ----D---- C:\Windows
2014-06-08 20:44:49 ----HD---- C:\Program Files\InstallShield Installation Information
2014-06-08 19:58:59 ----D---- C:\Windows\inf
2014-06-08 19:22:51 ----D---- C:\Windows\system32\drivers
2014-06-08 06:26:54 ----D---- C:\Windows\Logs
2014-06-07 17:44:24 ----AD---- C:\Windows\System32
2014-06-07 17:44:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-07 15:07:03 ----D---- C:\Windows\Tasks
2014-06-07 15:07:03 ----D---- C:\Windows\system32\Tasks
2014-06-06 16:02:16 ----D---- C:\Users\Jarmila\AppData\Roaming\uTorrent
2014-06-05 18:09:52 ----D---- C:\Program Files\rajce
2014-06-05 09:35:20 ----D---- C:\ProgramData
2014-06-05 09:23:34 ----D---- C:\Users\Jarmila\AppData\Roaming\Vso
2014-06-05 09:07:54 ----D---- C:\ProgramData\Oracle
2014-06-05 09:07:48 ----SHD---- C:\Windows\Installer
2014-06-05 09:07:47 ----D---- C:\Program Files\Common Files\Java
2014-05-28 19:00:46 ----D---- C:\Program Files\VideoLAN
2014-05-26 08:09:54 ----D---- C:\Windows\Debug
2014-05-24 22:38:47 ----D---- C:\Users\Jarmila\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2014-05-23 08:09:16 ----A---- C:\Users\Jarmila\AppData\Roaming\JARIS.MTBF.txt
2014-05-22 21:37:44 ----D---- C:\FFOutput
2014-05-22 09:30:17 ----D---- C:\Windows\Microsoft.NET
2014-05-22 09:27:58 ----RSD---- C:\Windows\assembly
2014-05-16 22:55:46 ----D---- C:\Users\Jarmila\AppData\Roaming\TeamViewer
2014-05-16 16:08:13 ----D---- C:\Windows\winsxs
2014-05-15 16:35:40 ----D---- C:\Windows\system32\catroot2
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\CamShapes.ini
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\CamLayout.ini
2014-05-15 13:25:11 ----A---- C:\Users\Jarmila\AppData\Roaming\Camdata.ini
2014-05-14 12:12:02 ----D---- C:\Windows\system32\MRT
2014-05-14 12:02:08 ----A---- C:\Windows\system32\mrt.exe
2014-05-14 12:01:28 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 12:01:04 ----D---- C:\Program Files\Common Files
2014-05-14 11:56:49 ----D---- C:\Windows\system32\catroot
2014-05-13 13:06:01 ----D---- C:\Program Files\MP3Resizer
2014-05-13 13:02:22 ----D---- C:\Users\Jarmila\AppData\Roaming\Audacity
2014-05-12 17:24:33 ----AD---- C:\Windows\OEMDrv
2014-05-11 22:15:21 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-07 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-07 180632]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-05-07 57672]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-07 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-07 67824]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 5120]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2000-01-01 2888536]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-04-17 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2000-01-01 363112]
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys [2000-01-01 347648]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2012-08-27 91016]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2012-08-27 181128]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 38400]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-07-27 145152]
S3 LAN7500;LAN7500 USB 2.0 to Ethernet 10/100/1000 Adapter Service; C:\Windows\system32\DRIVERS\lan7500-x86-n60f.sys [2013-11-06 73728]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2009-05-01 495768]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB; C:\Windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-03-11 63488]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\Windows\system32\DRIVERS\SE31bus.sys [2006-05-01 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\SE31mdfl.sys [2006-05-01 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\SE31mdm.sys [2006-05-01 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\SE31mgmt.sys [2006-05-01 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS); C:\Windows\system32\DRIVERS\se31nd5.sys [2006-05-01 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\SE31obex.sys [2006-05-01 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM); C:\Windows\system32\DRIVERS\se31unic.sys [2006-05-01 90800]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-04-15 13464]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-06 50344]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-03-15 68096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-11-21 9216]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Porad vam tam bezi MBAM. Odinstalujte ho, zere zbytecne pamet.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 10.6.2014 7:51:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jarmila\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,87 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 52,27% Memory free
5,95 Gb Paging File | 3,88 Gb Available in Paging File | 65,30% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 13,24 Gb Free Space | 11,39% Space Free | Partition Type: NTFS
Drive D: | 931,29 Gb Total Space | 425,92 Gb Free Space | 45,73% Space Free | Partition Type: FAT32
Drive E: | 115,13 Gb Total Space | 85,22 Gb Free Space | 74,02% Space Free | Partition Type: NTFS
Drive H: | 127,99 Gb Total Space | 83,33 Gb Free Space | 65,11% Space Free | Partition Type: NTFS
Drive J: | 104,89 Gb Total Space | 51,77 Gb Free Space | 49,35% Space Free | Partition Type: NTFS

Computer Name: JARIS | User Name: Jarmila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.06.10 07:42:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarmila\Desktop\OTL.exe
PRC - [2014.06.07 00:00:40 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.06.05 09:06:59 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\javaws.exe
PRC - [2014.05.11 22:15:00 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.05.06 23:59:47 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.04.25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013.12.18 12:01:54 | 009,894,256 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
PRC - [2013.12.18 12:01:54 | 009,351,024 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe
PRC - [2013.12.18 12:01:54 | 000,130,416 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
PRC - [2013.12.18 11:45:10 | 000,046,080 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 11\TscHelp.exe
PRC - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2013.04.18 11:06:32 | 000,179,024 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2013.04.18 11:06:24 | 000,158,032 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.04.02 21:15:17 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2011.09.20 10:17:44 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
PRC - [2010.11.18 18:26:22 | 000,224,176 | ---- | M] () -- C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
PRC - [2010.10.26 15:00:24 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
PRC - [2010.07.04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.08.15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2014.05.22 09:26:03 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\ce6c051500f9e64025b58921cc632f51\Microsoft.VisualBasic.ni.dll
MOD - [2014.05.22 09:23:48 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll
MOD - [2014.05.11 22:14:59 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.02.13 13:29:24 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\73726634ae4a00a21279a6a66b081301\System.ServiceProcess.ni.dll
MOD - [2014.02.13 13:28:24 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014.02.13 13:26:51 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014.02.13 13:26:29 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014.02.13 13:26:16 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014.02.13 13:25:01 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\07d57714fff9db216537473f4a777f22\PresentationCore.ni.dll
MOD - [2014.02.13 13:24:46 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d981bccab40fbbdc1d35bf2a58c947b7\WindowsBase.ni.dll
MOD - [2014.02.13 13:24:38 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014.02.13 13:24:19 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2014.02.13 11:36:09 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014.02.13 11:32:24 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.02.13 11:32:18 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014.02.13 10:03:02 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014.02.13 10:02:35 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014.02.13 10:02:33 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014.02.13 10:02:18 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014.02.13 10:01:56 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014.02.13 10:01:32 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014.02.13 10:01:30 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014.02.13 10:01:12 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014.02.13 10:01:12 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014.02.13 10:00:57 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014.02.13 10:00:45 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014.02.13 10:00:25 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013.12.18 11:50:56 | 000,128,512 | ---- | M] () -- C:\Program Files\TechSmith\Snagit 11\VideoRecording.dll
MOD - [2013.12.18 11:50:36 | 000,110,592 | ---- | M] () -- C:\Program Files\TechSmith\Snagit 11\SDKRecorder.dll
MOD - [2013.12.18 11:48:00 | 001,298,432 | R--- | M] () -- C:\Program Files\TechSmith\Snagit 11\PDFLib.dll
MOD - [2013.11.01 11:46:15 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.04.02 21:15:18 | 000,158,704 | ---- | M] () -- C:\Program Files\Java\jre6\lib\deploy\lzma.dll
MOD - [2012.01.29 17:54:40 | 000,408,576 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopy.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.08.15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.03.31 20:04:50 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.31 20:04:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.03.20 17:19:36 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll

========== Services (SafeList) ==========

SRV - [2014.05.06 23:59:47 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.04.25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.11.21 10:58:56 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Disabled | Stopped] -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010.11.18 18:26:22 | 000,224,176 | ---- | M] () [Auto | Running] -- C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe -- (Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.)
SRV - [2010.10.26 15:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.07.04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.03.15 16:32:56 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

========== Driver Services (SafeList) ==========

DRV - [2014.05.15 14:56:26 | 000,777,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014.05.15 14:56:25 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014.05.15 14:56:24 | 000,411,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.05.07 00:00:05 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.05.07 00:00:04 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.05.07 00:00:04 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.05.07 00:00:04 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.05.07 00:00:04 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014.04.15 16:34:40 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013.11.06 21:33:12 | 000,073,728 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lan7500-x86-n60f.sys -- (LAN7500)
DRV - [2013.07.27 09:54:10 | 000,145,152 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.03.07 10:49:20 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2013.03.07 10:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2013.01.23 10:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 10:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.12.29 22:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.08.27 20:51:50 | 000,181,128 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV - [2012.08.27 20:51:46 | 000,091,016 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rusb3hub.sys -- (rusb3hub)
DRV - [2011.08.26 15:11:34 | 000,028,016 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
DRV - [2011.06.15 10:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011.02.11 23:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010.06.14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.12.30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.09.10 15:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009.06.09 04:18:16 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2009.05.01 00:56:30 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.07.18 19:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.07.15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008.05.16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008.05.16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.01.10 19:34:44 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.11.09 15:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.04.23 11:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2006.11.28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006.05.01 13:59:18 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE31obex.sys -- (SE31obex)
DRV - [2006.05.01 13:58:30 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE31mgmt.sys -- (SE31mgmt)
DRV - [2006.05.01 13:57:42 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE31mdm.sys -- (SE31mdm)
DRV - [2006.05.01 13:57:38 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE31mdfl.sys -- (SE31mdfl)
DRV - [2006.05.01 13:56:48 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE31bus.sys -- (SE31bus)
DRV - [2006.05.01 13:56:16 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se31nd5.sys -- (se31nd5)
DRV - [2006.05.01 13:56:12 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se31unic.sys -- (se31unic)
DRV - [2000.01.01 02:00:00 | 000,363,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2000.01.01 02:00:00 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 81.27.195.6:3128

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=183666"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B003D3EDC-99B9-4a34-9C20-60CB94F7E829%7D:14.0
FF - prefs.js..extensions.enabledAddons: %7Bd91a2be6-3b56-4dfb-97f5-5e48fe3ed473%7D:1.0
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.05.07 00:00:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.05.04 15:11:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.05.04 15:11:14 | 000,000,000 | ---D | M]

[2012.03.27 21:58:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Extensions
[2014.06.07 09:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions
[2014.05.04 16:02:29 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2014.03.31 09:38:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.05.06 15:53:40 | 000,000,000 | ---D | M] (CSHelper) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
[2014.04.26 14:20:29 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions\btpersonas@brandthunder.com
[2014.02.28 18:43:28 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jarmila\AppData\Roaming\mozilla\Firefox\Profiles\9r7lebi0.default\extensions\support@lastpass.com
[2014.05.06 16:38:01 | 000,232,523 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2014.06.06 22:34:37 | 000,161,137 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\no-clickjacking@daohoangson.com.xpi
[2014.04.24 14:18:23 | 000,053,620 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\yesscript@userstyles.org.xpi
[2014.06.07 09:15:05 | 000,537,510 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2014.06.04 06:52:51 | 000,533,636 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.06.05 09:10:57 | 000,152,572 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.06.05 09:10:57 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.02.15 19:58:49 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014.06.09 18:33:18 | 000,002,304 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\filmova-databaze-fdbcz.xml
[2012.04.08 12:50:05 | 000,002,053 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\firmycz.xml
[2012.10.06 22:13:04 | 000,002,048 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\mapycz.xml
[2012.04.08 09:11:18 | 000,002,091 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
[2012.04.01 18:00:04 | 000,001,470 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\wwwslovnik-cizich-slovcz.xml
[2013.08.20 11:21:46 | 000,000,904 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\yahoo.xml
[2012.10.06 22:13:11 | 000,002,214 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\mozilla\firefox\profiles\9r7lebi0.default\searchplugins\zbocz.xml
[2014.05.04 15:11:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.05.04 15:11:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.05.04 15:11:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.05.04 15:11:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.05.11 22:15:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.29 06:22:12 | 000,028,672 | ---- | M] (Xi) -- C:\Program Files\mozilla firefox\plugins\NPNXCatcher(Audio).dll
[2013.06.29 06:24:23 | 000,028,672 | ---- | M] (Xi) -- C:\Program Files\mozilla firefox\plugins\NPNXCatcher(Video).dll
[2013.06.29 06:19:46 | 000,028,672 | ---- | M] (Xi) -- C:\Program Files\mozilla firefox\plugins\NPNXCatcher.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: avast! Online Security = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Pen\u011b\u017eenka Google = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.05.20 12:14:49 | 000,001,113 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: Kód:
O1 - Hosts: 127.0.0.1 ad-emea.doubleclick.net
O1 - Hosts: 127.0.0.1 googleads.g.doubleclick.net
O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com
O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O1 - Hosts: 0.0.0.0 a.dlqm.síť
O1 - Hosts: 0.0.0.0 adchoices-ikona-cde-1968696106.nás-east - 1.elb.amazonaws.com
O1 - Hosts: 0.0.0.0 inzerátamgdgt.com
O1 - Hosts: 0.0.0.0 inzerátdvojstisk.síť
O1 - Hosts: 0.0.0.0 ads1.msads.síť
O1 - Hosts: 0.0.0.0 ads2.msads.síť
O1 - Hosts: 0.0.0.0 aidps.atdmt.com
O1 - Hosts: 0.0.0.0 ajax.aspnetcdn.com
O1 - Hosts: 0.0.0.0 amch.questionmarket.com
O1 - Hosts: 0.0.0.0 v.amgdgt.com
O1 - Hosts: 0.0.0.0 c.msn.com
O1 - Hosts: 0.0.0.0 cdn.amgdgt.com
O1 - Hosts: 0.0.0.0 cdn.doubleverify.com
O1 - Hosts: 0.0.0.0 cm.ac3.microsoft.com
O1 - Hosts: 0.0.0.0 cm.adc.glbdns.microsoft.com
O1 - Hosts: 0.0.0.0 ošizený.Skype.com
O1 - Hosts: 0.0.0.0 jádro.insightexpressai.com
O1 - Hosts: 0.0.0.0 fw.adsafeprotected.com
O1 - Hosts: 0.0.0.0 grsregister.trafficmanager.síť
O1 - Hosts: 12 more lines...
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000..\Run: [Process Liquidator] File not found
O4 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000..\Run: [WEBTRAN] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - Reg Error: Key error. File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll ()
O15 - HKU\S-1-5-21-1455131556-454660493-2243824727-1000\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B0225FC-D3EC-4418-ABC6-98251462BD30}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.08.26 15:02:20 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013.08.26 15:02:28 | 000,000,000 | ---D | M] - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: vidc.pDAD - C:\Windows\System32\prodad-codec.dll (proDAD GmbH)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.06.10 07:42:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jarmila\Desktop\OTL.exe
[2014.06.09 18:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.06.09 08:54:43 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Local\{587DB551-9061-4EAA-85F9-472A7A11ED35}
[2014.06.07 15:07:02 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.06.07 15:07:02 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.06.06 10:28:19 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Local\Windows Live Writer
[2014.06.06 10:28:18 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\Windows Live Writer
[2014.06.06 10:28:07 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Local\{6F1BE955-6471-422F-A837-AB3E19DD1F80}
[2014.06.06 09:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.05 09:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Informer Technologies, Inc
[2014.06.05 09:34:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
[2014.06.05 09:34:58 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\Software Informer
[2014.06.05 09:34:58 | 000,000,000 | ---D | C] -- C:\Program Files\Software Informer
[2014.06.05 09:07:30 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.06.05 09:07:11 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.06.05 09:07:11 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.06.05 09:07:11 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.06.02 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\Documents\Abrosoft FantaMorph
[2014.06.02 19:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abrosoft FantaMorph 5
[2014.06.02 19:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\Abrosoft
[2014.05.31 17:40:44 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\XBMC
[2014.05.31 17:38:23 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
[2014.05.31 17:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\XBMC
[2014.05.31 17:14:32 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\.objectdb
[2014.05.31 17:14:26 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\VitySoft
[2014.05.26 11:44:32 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2014.05.26 08:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.05.26 08:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.05.23 15:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2014.05.23 15:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2014.05.23 15:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2014.05.22 22:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
[2014.05.22 22:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.6
[2014.05.22 22:16:02 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\avidemux
[2014.05.22 18:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
[2014.05.22 18:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\XviD
[2014.05.22 18:53:43 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2014.05.22 18:53:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2014.05.22 18:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2014.05.22 18:11:32 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Local\{38041798-ED31-440F-B16C-08427ACDF34F}
[2014.05.22 18:11:02 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Local\{A0AD24BC-CC47-4829-9C6C-ED869E43F51E}
[2014.05.22 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2014.05.18 10:07:31 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\Documents\PPT to Video
[2014.05.18 10:03:27 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\Documents\PPT to Video Log Files
[2014.05.18 10:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2014.05.18 10:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2014.05.17 19:27:10 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\Documents\PPT to Video Pro
[2014.05.17 19:24:58 | 000,000,000 | ---D | C] -- C:\Users\Jarmila\Documents\PPT to Video Pro Log Files
[2014.05.14 12:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014.05.14 11:56:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.04.17 10:13:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jarmila\AppData\Roaming\pcouffin.sys
[2013.03.13 09:03:40 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll
[2008.10.26 04:13:58 | 002,592,349 | ---- | C] (The GLib developer community) -- C:\Program Files\libglib-2.0-0.dll

========== Files - Modified Within 30 Days ==========

[2014.06.10 07:55:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.06.10 07:42:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jarmila\Desktop\OTL.exe
[2014.06.10 06:46:56 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.10 06:46:56 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.09 14:31:27 | 047,775,744 | ---- | M] () -- C:\Users\Jarmila\Desktop\P4080765.raw
[2014.06.09 14:30:41 | 000,194,048 | ---- | M] () -- C:\Users\Jarmila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.06.08 22:46:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.08 22:44:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014.06.08 20:47:14 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2014.06.08 19:25:49 | 001,333,465 | ---- | M] () -- C:\Users\Jarmila\Desktop\AdwCleaner.exe
[2014.06.08 12:07:46 | 060,495,245 | ---- | M] () -- C:\Users\Jarmila\Desktop\Počasí v Řepých 25.5.2014.mov
[2014.06.08 09:55:19 | 197,969,487 | ---- | M] () -- C:\Users\Jarmila\Desktop\export.gif
[2014.06.08 09:15:39 | 047,325,776 | ---- | M] () -- C:\Users\Jarmila\Desktop\Řepy za 12 hod.swf
[2014.06.07 17:44:24 | 000,645,320 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.06.07 17:44:24 | 000,634,484 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.06.07 17:44:24 | 000,137,958 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.06.07 17:44:24 | 000,120,050 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.06.07 15:45:09 | 000,000,057 | ---- | M] () -- C:\trl.cfg
[2014.06.07 15:07:02 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.06.07 15:07:02 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.06.06 08:04:32 | 000,002,355 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.06.05 11:39:59 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.06.05 09:34:59 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Software Informer.lnk
[2014.06.05 09:31:18 | 000,000,838 | ---- | M] () -- C:\Users\Jarmila\Documents\cc_20140605_093115.reg
[2014.06.05 09:30:26 | 000,013,690 | ---- | M] () -- C:\Users\Jarmila\Documents\cc_20140605_093021.reg
[2014.06.05 09:07:02 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.06.05 09:06:59 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.06.05 09:06:59 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.06.05 09:06:59 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.06.05 08:39:20 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18UA.job
[2014.06.05 08:39:20 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
[2014.06.05 08:39:20 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.06.05 08:39:20 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.06.05 07:33:02 | 000,001,189 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\vso_ts_preview.xml
[2014.06.04 08:22:16 | 049,383,936 | ---- | M] () -- C:\Users\Jarmila\Desktop\Bratranci.avi
[2014.06.04 08:21:23 | 001,789,926 | ---- | M] () -- C:\Users\Jarmila\Desktop\bratranci.swf
[2014.06.02 19:11:22 | 000,000,927 | ---- | M] () -- C:\Users\Jarmila\Desktop\Abrosoft FantaMorph 5.lnk
[2014.06.01 14:19:28 | 000,000,270 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014.05.26 17:04:55 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI
[2014.05.26 14:23:58 | 000,001,024 | ---- | M] () -- C:\.rnd
[2014.05.26 08:16:06 | 000,000,468 | ---- | M] () -- C:\Users\Jarmila\Documents\cc_20140526_081603.reg
[2014.05.26 08:15:20 | 000,034,602 | ---- | M] () -- C:\Users\Jarmila\Documents\cc_20140526_081515.reg
[2014.05.26 08:08:27 | 000,000,769 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.05.24 22:25:48 | 040,572,250 | ---- | M] () -- C:\Users\Jarmila\Moje prezentace.avi
[2014.05.23 16:07:29 | 000,000,644 | ---- | M] () -- C:\Users\Jarmila\Desktop\VirtualDub.exe – zástupce.lnk
[2014.05.23 15:23:22 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
[2014.05.23 11:56:42 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2014.05.22 22:32:55 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
[2014.05.22 15:51:04 | 000,000,956 | ---- | M] () -- C:\Users\Jarmila\Desktop\Format Factory.lnk
[2014.05.18 10:03:09 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare PPT to Video.lnk
[2014.05.15 14:56:26 | 000,777,488 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014.05.15 14:56:25 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys
[2014.05.15 14:56:24 | 000,411,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014.05.15 13:25:11 | 000,000,408 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\CamShapes.ini
[2014.05.15 13:25:11 | 000,000,408 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\CamLayout.ini
[2014.05.15 13:25:11 | 000,000,120 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\Camdata.ini
[2014.05.15 13:24:32 | 000,004,416 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\CamStudio.cfg
[2014.05.12 07:23:35 | 000,007,728 | ---- | M] () -- C:\Users\Jarmila\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2014.06.10 07:55:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.09 14:31:26 | 047,775,744 | ---- | C] () -- C:\Users\Jarmila\Desktop\P4080765.raw
[2014.06.08 20:47:14 | 000,001,844 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2014.06.08 19:25:41 | 001,333,465 | ---- | C] () -- C:\Users\Jarmila\Desktop\AdwCleaner.exe
[2014.06.08 12:04:18 | 060,495,245 | ---- | C] () -- C:\Users\Jarmila\Desktop\Počasí v Řepých 25.5.2014.mov
[2014.06.08 09:28:18 | 197,969,487 | ---- | C] () -- C:\Users\Jarmila\Desktop\export.gif
[2014.06.08 09:15:37 | 047,325,776 | ---- | C] () -- C:\Users\Jarmila\Desktop\Řepy za 12 hod.swf
[2014.06.05 09:34:59 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\Software Informer.lnk
[2014.06.05 09:31:16 | 000,000,838 | ---- | C] () -- C:\Users\Jarmila\Documents\cc_20140605_093115.reg
[2014.06.05 09:30:23 | 000,013,690 | ---- | C] () -- C:\Users\Jarmila\Documents\cc_20140605_093021.reg
[2014.06.04 08:21:14 | 001,789,926 | ---- | C] () -- C:\Users\Jarmila\Desktop\bratranci.swf
[2014.06.04 08:18:34 | 049,383,936 | ---- | C] () -- C:\Users\Jarmila\Desktop\Bratranci.avi
[2014.06.02 19:11:22 | 000,000,927 | ---- | C] () -- C:\Users\Jarmila\Desktop\Abrosoft FantaMorph 5.lnk
[2014.05.26 08:16:05 | 000,000,468 | ---- | C] () -- C:\Users\Jarmila\Documents\cc_20140526_081603.reg
[2014.05.26 08:15:17 | 000,034,602 | ---- | C] () -- C:\Users\Jarmila\Documents\cc_20140526_081515.reg
[2014.05.26 08:08:27 | 000,000,769 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.05.24 22:19:08 | 040,572,250 | ---- | C] () -- C:\Users\Jarmila\Moje prezentace.avi
[2014.05.23 16:07:29 | 000,000,644 | ---- | C] () -- C:\Users\Jarmila\Desktop\VirtualDub.exe – zástupce.lnk
[2014.05.23 15:23:22 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk
[2014.05.22 22:32:55 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
[2014.05.22 15:51:04 | 000,000,956 | ---- | C] () -- C:\Users\Jarmila\Desktop\Format Factory.lnk
[2014.05.21 11:41:21 | 000,001,024 | ---- | C] () -- C:\.rnd
[2014.05.18 10:03:09 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare PPT to Video.lnk
[2014.05.13 12:40:42 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2014.05.07 00:00:15 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014.04.17 10:26:21 | 000,001,189 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\vso_ts_preview.xml
[2014.04.17 10:13:30 | 000,087,608 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\inst.exe
[2014.04.17 10:13:30 | 000,007,887 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\pcouffin.cat
[2014.04.17 10:13:30 | 000,001,144 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\pcouffin.inf
[2014.03.31 11:30:18 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2014.02.25 20:54:37 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.02.25 20:54:34 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.02.05 13:13:51 | 000,000,218 | ---- | C] () -- C:\Users\Jarmila\.recently-used.xbel
[2014.01.30 12:01:38 | 000,000,373 | ---- | C] () -- C:\Windows\EMICLOCK.INI
[2014.01.30 03:37:39 | 000,000,176 | ---- | C] () -- C:\Windows\SpeechPad.INI
[2014.01.12 12:54:04 | 000,007,728 | ---- | C] () -- C:\Users\Jarmila\AppData\Local\d3d9caps.dat
[2014.01.12 12:24:11 | 002,499,656 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2014.01.12 12:24:11 | 000,087,112 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2014.01.12 12:24:11 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2014.01.12 12:24:11 | 000,014,920 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2014.01.12 12:24:11 | 000,009,160 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2013.12.26 03:21:15 | 000,000,076 | RHS- | C] () -- C:\Windows\FFSSET.BIN
[2013.11.28 14:09:47 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.11.28 14:06:02 | 005,681,192 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013.11.28 14:05:58 | 000,681,905 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.11.28 14:05:31 | 000,502,584 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2013.11.28 14:05:31 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2013.09.10 17:43:17 | 000,124,792 | ---- | C] () -- C:\Windows\Wiainst.exe
[2013.08.31 09:49:53 | 000,004,416 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\CamStudio.cfg
[2013.08.31 09:49:53 | 000,000,408 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\CamShapes.ini
[2013.08.31 09:49:53 | 000,000,408 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\CamLayout.ini
[2013.08.31 09:49:53 | 000,000,120 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\Camdata.ini
[2013.08.22 13:09:15 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.08.22 11:46:57 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013.07.27 09:51:13 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2013.07.23 08:17:05 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.07.15 10:19:42 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2013.07.08 15:30:39 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2013.07.01 01:15:38 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2013.07.01 01:15:37 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2013.07.01 01:15:37 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013.07.01 01:15:36 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2013.07.01 01:15:35 | 000,000,259 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2013.03.24 17:56:22 | 002,317,848 | ---- | C] () -- C:\Windows\System32\ssins.exe
[2012.06.26 07:10:06 | 003,668,480 | ---- | C] () -- C:\Windows\System32\CosmoRenderer.dll
[2011.09.27 08:15:57 | 000,000,000 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\wklnhst.dat
[2011.08.29 18:51:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011.02.05 22:16:51 | 000,024,206 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\UserTile.png
[2009.11.25 20:57:38 | 000,000,000 | ---- | C] () -- C:\Users\Jarmila\AppData\Roaming\AVSDVDPlayer.m3u
[2009.04.19 11:08:26 | 000,194,048 | ---- | C] () -- C:\Users\Jarmila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.31 06:11:08 | 000,069,632 | ---- | C] () -- C:\Program Files\wstreamripper.exe
[2009.03.31 06:10:48 | 000,200,704 | ---- | C] () -- C:\Program Files\streamripper.dll
[2009.03.16 15:19:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.11.26 23:28:54 | 000,059,904 | ---- | C] () -- C:\Program Files\zlib1.dll
[2008.09.15 02:12:38 | 000,490,650 | ---- | C] () -- C:\Program Files\libintl-8.dll
[2008.09.15 02:12:10 | 001,465,925 | ---- | C] () -- C:\Program Files\libiconv-2.dll
[2005.12.31 18:18:56 | 000,040,960 | ---- | C] () -- C:\Program Files\ogg.dll
[2005.12.31 18:15:38 | 001,150,976 | ---- | C] () -- C:\Program Files\vorbis.dll

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.02.25 13:48:03 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ainishare
[2013.12.29 11:17:48 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ambient Design
[2013.09.11 01:43:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\AMPSoft
[2013.11.20 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ashampoo
[2014.05.24 22:38:47 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ashampoo Slideshow Studio HD 3
[2014.05.13 13:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Audacity
[2014.02.25 21:01:39 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\AVAST Software
[2014.05.23 16:31:01 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\avidemux
[2013.09.16 10:25:46 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Balabolka
[2009.11.17 15:05:19 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Canneverbe_Limited
[2014.01.20 00:06:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\czech
[2014.04.12 20:05:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Dropbox
[2014.04.10 00:09:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\DropboxMaster
[2013.08.20 10:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\EMCO
[2013.12.19 15:52:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\GetWare
[2014.05.03 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\GHISLER
[2009.11.18 21:04:31 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\gtc
[2013.03.24 19:19:39 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ICQ
[2013.05.03 16:38:37 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ICQ Search
[2014.03.01 01:33:21 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\IrfanView
[2013.09.18 08:27:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\IsolatedStorage
[2013.06.24 01:42:31 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Jpeg Resampler
[2010.03.02 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Kingston
[2014.05.04 16:02:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\LangSoft
[2014.03.31 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Leadertech
[2013.10.31 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ML
[2014.04.16 18:59:47 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\MPC-HC
[2013.07.15 14:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\MyPhoneExplorer
[2014.04.30 07:49:05 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Nokia
[2014.04.30 07:49:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Nokia Suite
[2009.03.15 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Opera
[2014.01.01 17:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Opera Software
[2014.04.30 07:22:14 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PC Suite
[2014.03.24 17:05:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PeerNetworking
[2014.03.01 01:33:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PhotoFiltre 7
[2014.05.06 22:56:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Process Liquidator
[2012.12.17 14:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Samsung
[2010.03.02 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\SecureTraveler
[2011.01.30 15:36:55 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Security_File
[2014.02.25 19:51:54 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Seznam.cz
[2013.08.16 06:46:00 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Smart PC Solutions
[2013.03.13 18:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Softland
[2014.06.06 09:32:11 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Software Informer
[2013.09.15 22:49:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Sonarca Sound Recorder Free
[2014.01.11 18:40:34 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\streamripper
[2014.05.16 22:55:46 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TeamViewer
[2014.02.26 01:35:05 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TechSmith
[2011.09.27 08:15:58 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Template
[2014.03.01 01:33:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TeraCopy
[2012.10.03 19:43:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Thunderbird
[2014.04.17 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\tiger-k
[2011.02.25 09:54:53 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Toshiba
[2014.01.11 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\USBSafelyRemove
[2014.06.06 16:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\uTorrent
[2014.05.31 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\VitySoft
[2014.06.05 09:23:34 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Vso
[2011.01.28 08:15:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\WinBatch
[2014.06.06 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Windows Live Writer
[2014.04.13 11:57:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\WtmCopyProtect
[2014.06.01 08:42:28 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XBMC
[2013.10.10 15:39:36 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Xi
[2014.04.21 09:12:01 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Xilisoft
[2013.10.07 12:17:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnRetro
[2013.10.07 12:18:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnSketch
[2014.06.09 14:24:28 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnView
[2014.04.13 15:30:26 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnViewMP
[2013.10.11 08:07:11 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\YouTube Downloader
[2013.10.27 10:14:45 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Zbshareware Lab
[2013.10.28 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,510 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.02.09 13:50:38 | 000,000,964 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
[2014.02.09 13:50:39 | 000,001,016 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
[2014.02.14 03:57:52 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.14 03:57:53 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008.03.25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008.03.25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008.03.26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008.03.26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\gencdrom\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2013.10.03 15:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2013.04.24 06:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013.04.17 14:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013.07.08 04:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012.04.23 16:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013.04.17 13:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012.06.02 13:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 02:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013.04.24 05:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\Osobní poznámkový blok\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\Osobní poznámkový blok\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\Osobní poznámkový blok\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\acpiapic\hal.dll
[2009.04.11 08:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\Osobní poznámkový blok\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\acpiapic\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008.04.15 18:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Documents and Settings\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\Documents\Zálohy\Záloha ovladačů toshiba\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20131128T102707680307\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Users\Jarmila\Local Settings\SlimWare Utilities Inc\SlimDrivers\Backups\20140122T084348216603\pci\ven_8086&dev_2929&cc_0106\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2008.03.25 05:22:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=30BD88A7DDE75BCA8F2A736D5D62A69D -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\isapnp.sys
[2008.03.25 05:22:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=30BD88A7DDE75BCA8F2A736D5D62A69D -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.03.26 05:38:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=5BEDC05E83DB80AAC89CC14225B0BADD -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\isapnp.sys
[2008.03.26 05:38:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=5BEDC05E83DB80AAC89CC14225B0BADD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.02 00:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 15:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2013.07.08 03:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013.03.09 03:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013.05.02 03:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013.05.08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 13:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.07.05 05:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013.01.04 13:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2013.07.05 06:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\System32\drivers\tcpip.sys
[2013.07.05 06:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.06 04:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Adobe
[2014.02.25 13:48:03 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ainishare
[2013.12.29 11:17:48 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ambient Design
[2013.09.11 01:43:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\AMPSoft
[2011.12.27 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Apple Computer
[2013.11.20 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ashampoo
[2014.05.24 22:38:47 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Ashampoo Slideshow Studio HD 3
[2014.05.13 13:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Audacity
[2014.02.25 21:01:39 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\AVAST Software
[2014.05.23 16:31:01 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\avidemux
[2013.09.16 10:25:46 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Balabolka
[2009.11.17 15:05:19 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Canneverbe_Limited
[2014.01.20 00:06:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\czech
[2013.07.02 17:05:30 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\DivX
[2014.04.12 20:05:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Dropbox
[2014.04.10 00:09:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\DropboxMaster
[2013.08.20 10:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\EMCO
[2013.12.19 15:52:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\GetWare
[2014.05.03 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\GHISLER
[2009.11.27 20:47:09 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Google
[2009.11.18 21:04:31 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\gtc
[2013.03.24 19:19:39 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ICQ
[2013.05.03 16:38:37 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ICQ Search
[2009.03.15 14:52:59 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Identities
[2009.03.15 14:50:30 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\InstallShield
[2014.03.01 01:33:21 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\IrfanView
[2013.09.18 08:27:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\IsolatedStorage
[2013.06.24 01:42:31 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Jpeg Resampler
[2010.03.02 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Kingston
[2014.05.04 16:02:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\LangSoft
[2014.03.31 11:32:54 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Leadertech
[2011.02.20 14:59:01 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Macromedia
[2013.10.07 10:22:53 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Media Center Programs
[2013.10.17 20:23:40 | 000,000,000 | --SD | M] -- C:\Users\Jarmila\AppData\Roaming\Microsoft
[2013.10.31 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\ML
[2012.03.27 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Mozilla
[2014.04.16 18:59:47 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\MPC-HC
[2013.07.15 14:46:51 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\MyPhoneExplorer
[2014.04.30 07:49:05 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Nokia
[2014.04.30 07:49:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Nokia Suite
[2009.03.15 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Opera
[2014.01.01 17:43:42 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Opera Software
[2014.04.30 07:22:14 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PC Suite
[2014.03.24 17:05:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PeerNetworking
[2014.03.01 01:33:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\PhotoFiltre 7
[2014.05.06 22:56:35 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Process Liquidator
[2013.12.26 03:21:30 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Reallusion
[2012.12.17 14:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Samsung
[2010.03.02 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\SecureTraveler
[2011.01.30 15:36:55 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Security_File
[2014.02.25 19:51:54 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Seznam.cz
[2014.06.10 09:40:24 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Skype
[2012.01.10 12:23:37 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\skypePM
[2013.08.16 06:46:00 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Smart PC Solutions
[2013.03.13 18:02:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Softland
[2014.06.06 09:32:11 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Software Informer
[2013.09.15 22:49:10 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Sonarca Sound Recorder Free
[2014.01.11 18:40:34 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\streamripper
[2014.05.16 22:55:46 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TeamViewer
[2014.02.26 01:35:05 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TechSmith
[2011.09.27 08:15:58 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Template
[2014.03.01 01:33:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\TeraCopy
[2012.10.03 19:43:22 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Thunderbird
[2014.04.17 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\tiger-k
[2011.02.25 09:54:53 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Toshiba
[2014.01.11 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\USBSafelyRemove
[2014.06.06 16:02:16 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\uTorrent
[2014.05.31 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\VitySoft
[2014.06.05 09:23:34 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Vso
[2011.01.28 08:15:07 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\WinBatch
[2014.06.06 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Windows Live Writer
[2009.11.17 15:00:45 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\WinRAR
[2014.04.13 11:57:12 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\WtmCopyProtect
[2014.06.01 08:42:28 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XBMC
[2013.10.10 15:39:36 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Xi
[2014.04.21 09:12:01 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Xilisoft
[2013.10.07 12:17:13 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnRetro
[2013.10.07 12:18:18 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnSketch
[2014.06.09 14:24:28 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnView
[2014.04.13 15:30:26 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\XnViewMP
[2013.10.11 08:07:11 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\YouTube Downloader
[2013.10.27 10:14:45 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Zbshareware Lab
[2013.10.28 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\Jarmila\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2014.04.17 10:13:30 | 000,087,608 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\inst.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jarmila\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jarmila\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jarmila\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2009.09.07 12:06:00 | 001,519,616 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\Kingston\SecureTraveler.exe
[2014.01.18 17:01:18 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jarmila\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.08.29 12:47:22 | 000,411,024 | R--- | M] (Acresso Software Inc.) -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Installer\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}\ARPPRODUCTICON.exe
[2013.07.02 16:27:57 | 000,029,926 | R--- | M] () -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2013.08.29 12:23:48 | 000,405,504 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jarmila\AppData\Roaming\Microsoft\Installer\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}\ARPPRODUCTICON.exe
[2014.05.06 15:53:39 | 002,023,936 | ---- | M] (CamStudio Group) -- C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}\local\Recorder.exe
[2011.01.30 15:36:55 | 001,568,768 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\SecureTraveler\AP\SecureTraveler.exe
[2011.01.30 15:36:55 | 001,568,768 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\Security_File\SecureTraveler.exe
[2009.09.07 12:06:00 | 001,519,616 | ---- | M] () -- C:\Users\Jarmila\AppData\Roaming\Security_File\AP\SecureTraveler.exe
[2013.06.19 21:28:46 | 000,884,056 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jarmila\AppData\Roaming\uTorrent\utorrent.exe
[2013.06.19 21:28:46 | 000,884,056 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jarmila\AppData\Roaming\uTorrent\updates\3.3.1_29812.exe
[2013.08.13 13:25:27 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jarmila\AppData\Roaming\uTorrent\updates\3.3.1_30003.exe
[2013.08.14 07:21:36 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jarmila\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe
[2014.06.01 10:03:36 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jarmila\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.05 17:38:57 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.05 17:38:57 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.06.10 08:46:56 | 000,003,216 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.10 08:46:56 | 000,003,216 | ---- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.07 15:07:02 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.06.07 15:07:02 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2014.06.07 17:44:24 | 000,137,958 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.06.07 17:44:24 | 000,120,050 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.06.07 17:44:24 | 000,645,320 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.06.07 17:44:24 | 000,634,484 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.06.07 17:44:24 | 001,532,794 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"WEBTRAN" =
"" =
"NokiaSuite.exe" = C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray -- [2013.10.02 20:28:54 | 001,090,912 | ---- | M] (Nokia)
"Process Liquidator" =
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.06.10 07:55:10 | 000,000,512 | ---- | M] () MD5=B2D46667EFDDA7FED90C6BB6FB64C46F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.05.31 17:14:33 | 000,005,592 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2013.12.13 14:57:48 | 000,017,512 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\Xilisoft Corporation\HD Video Converter\crack.js
[2014.01.09 11:29:50 | 000,085,297 | ---- | M] () -- \Program Files\Ashampoo\Ashampoo Slideshow Studio HD 3\musiceffects\firework_whistles_and_small_explosions_crackle.ashaudio
[2014.01.13 14:36:52 | 000,000,286 | ---- | M] () -- \Program Files\Ashampoo\Ashampoo Slideshow Studio HD 3\musiceffects\firework_whistles_and_small_explosions_crackle.xml
[2014.05.31 17:14:33 | 000,005,592 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >
[2014.06.08 07:34:17 | 000,000,832 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\Microsoft\Windows\Recent\Keygen.rar.lnk
[2014.06.08 07:34:17 | 000,000,832 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\Microsoft\Windows\Recent\Keygen.rar.lnk

< *AntiWPA* /s >

< *loader* /s >
[2014.02.25 12:28:42 | 000,004,486 | ---- | M] () -- \AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-7.6-codedownloader.vir
[2013.11.23 15:35:22 | 000,001,108 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013.11.08 18:38:54 | 000,000,883 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Rajče Downloader\Rajče Downloader.lnk
[2014.06.05 12:05:54 | 000,017,912 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[3 \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp files -> \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp -> ]
[2014.06.05 12:05:54 | 000,001,980 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[1].htm
[2014.06.05 12:05:57 | 000,001,980 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[2].htm
[9 \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp files -> \Documents and Settings\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp -> ]
[2014.01.28 19:35:56 | 000,072,638 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 19:35:56 | 000,003,032 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 19:35:56 | 000,006,012 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 19:35:56 | 000,021,956 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 19:35:56 | 000,009,772 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.08 18:38:54 | 000,000,889 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Rajče Downloader.lnk
[2013.11.23 15:35:24 | 000,001,191 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2014.06.01 09:09:07 | 000,014,777 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\plugin.video.xbmb3c\resources\lib\BackgroundLoader.py
[2014.06.01 09:20:50 | 000,011,328 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\plugin.video.xbmb3c\resources\lib\BackgroundLoader.pyo
[2013.11.23 15:35:23 | 000,001,090 | ---- | M] () -- \Documents and Settings\Jarmila\Desktop\VIDEO\Freemake Video Downloader.lnk
[2014.05.31 06:52:20 | 000,096,307 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Documents and Settings\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_welcome.fen
[2014.06.05 12:05:54 | 000,017,912 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[3 \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp files -> \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp -> ]
[2014.06.05 12:05:54 | 000,001,980 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[1].htm
[2014.06.05 12:05:57 | 000,001,980 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[2].htm
[9 \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp files -> \Documents and Settings\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp -> ]
[2014.01.28 19:35:56 | 000,072,638 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Skype\Apps\login\images\loader.gif
[2014.01.28 19:35:56 | 000,003,032 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Skype\Apps\login\images\loader.png
[2014.01.28 19:35:56 | 000,006,012 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 19:35:56 | 000,021,956 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 19:35:56 | 000,009,772 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.08 18:38:54 | 000,000,865 | ---- | M] () -- \Documents and Settings\Public\Desktop\Rajče Downloader.lnk
[2013.03.02 00:58:18 | 000,026,408 | ---- | M] () -- \Program Files\Ainishare\Video Editor\LoaderNonElevator.exe
[2013.03.02 00:58:20 | 000,219,432 | ---- | M] () -- \Program Files\Ainishare\Video Editor\LoaderNonElevator64.exe
[2014.05.06 23:59:45 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.03.12 08:04:00 | 000,016,910 | ---- | M] () -- \Program Files\Avidemux 2.6\libADM_coreImageLoader6.dll
[2012.10.11 22:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.09.25 04:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2013.12.09 12:25:36 | 000,054,344 | ---- | M] () -- \Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EPMStartLoader.exe
[2013.11.21 11:09:50 | 002,089,024 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2013.11.12 14:04:02 | 000,007,379 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.js
[2013.11.12 14:04:02 | 000,000,402 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.xul
[2013.11.12 14:09:22 | 000,015,511 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2013.11.12 14:09:22 | 000,064,651 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2013.11.12 14:09:22 | 000,064,719 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2013.11.21 11:07:24 | 000,043,008 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\DownloaderCommon.dll
[2013.11.21 11:05:02 | 000,020,992 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Detector.dll
[2013.11.21 10:58:28 | 000,008,192 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2013.11.21 11:05:04 | 000,014,336 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2013.11.21 11:04:56 | 000,045,568 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Interface.dll
[2013.11.21 10:58:28 | 000,020,480 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2013.11.21 11:04:58 | 000,066,048 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2013.11.21 11:05:00 | 000,158,720 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2013.11.21 11:05:02 | 000,144,896 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2013.11.21 11:04:58 | 000,019,456 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2013.11.21 11:07:42 | 000,241,664 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Model.dll
[2013.11.21 11:05:04 | 000,018,944 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Tools.dll
[2013.11.21 11:07:52 | 000,010,752 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\cs\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,010,752 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\da\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,016,384 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\de-DE\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,013,312 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\el-GR\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,016,384 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\es-ES\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,016,384 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\fr-FR\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:52 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\hu\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,015,872 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\it\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,017,920 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ja-JP\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\nl\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pl\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,015,872 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pt-BR\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:56 | 000,019,456 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ru-RU\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\sk\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,012,800 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\uk\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,011,776 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\vi\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,010,240 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-CN\FreemakeVideoDownloader.resources.dll
[2013.11.21 11:07:54 | 000,010,240 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-TW\FreemakeVideoDownloader.resources.dll
[2014.01.06 11:52:30 | 003,244,032 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014.01.06 11:47:04 | 000,000,702 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014.01.06 11:47:04 | 000,000,790 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014.01.06 11:47:04 | 000,000,723 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014.01.06 11:47:04 | 000,000,694 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014.01.06 11:47:06 | 000,171,541 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014.01.06 11:47:06 | 000,000,634 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014.01.06 11:47:06 | 000,002,283 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014.01.06 11:47:06 | 000,001,417 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014.01.06 11:47:06 | 000,002,109 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014.01.06 11:47:06 | 000,000,956 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014.01.06 11:47:06 | 000,001,080 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014.01.06 11:47:06 | 000,001,139 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 11:47:06 | 000,002,181 | ---- | M] () -- \Program Files\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014.01.06 20:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.01.06 20:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.01.06 20:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014.01.06 20:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2014.01.06 20:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.01.06 20:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.01.06 20:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014.01.06 20:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.01.06 20:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.01.06 20:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.01.06 20:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.01.06 20:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.01.06 20:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 20:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2011.03.17 14:44:48 | 001,009,664 | ---- | M] () -- \Program Files\IObit\IObit Unlocker\Freeware\UnLock_FreeSoftwareDownloader.exe
[2011.10.07 10:57:42 | 000,128,000 | ---- | M] () -- \Program Files\Rajče Downloader\Rajce-Downloader.exe
[2010.06.14 10:31:06 | 000,086,016 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\cryptoloader.dll
[2010.06.14 10:28:14 | 000,287,232 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSACDMADownloader.dll
[2010.06.14 10:30:30 | 000,288,256 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2010.06.21 11:17:44 | 000,069,632 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSEmpLoader.dll
[2010.06.14 10:30:30 | 000,285,184 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2010.06.14 10:29:52 | 000,282,112 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsNpDownloader.dll
[2010.06.14 10:31:58 | 000,208,896 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2010.06.21 11:26:48 | 000,262,144 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 17:52:24 | 000,266,240 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2010.06.21 11:41:28 | 000,057,344 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader_W7750.dll
[2013.12.28 19:40:22 | 000,008,246 | ---- | M] () -- \Program Files\Software Informer\Resources\loader-white.gif
[2013.12.28 19:40:22 | 000,008,925 | ---- | M] () -- \Program Files\Software Informer\Resources\loader.gif
[2012.04.29 09:40:30 | 001,744,896 | ---- | M] () -- \Program Files\TapinRadio\TapinRadioDownloader.exe
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2014.05.03 21:02:16 | 000,004,782 | ---- | M] () -- \Program Files\XBMC\addons\webinterface.default\images\ajax-loader.gif
[2011.03.08 10:43:28 | 000,013,734 | ---- | M] () -- \Program Files\XBMC\system\python\Lib\unittest\loader.py
[2011.03.08 10:43:28 | 000,050,487 | ---- | M] () -- \Program Files\XBMC\system\python\Lib\unittest\test\test_loader.py
[2014.04.01 09:03:10 | 000,202,880 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\medialoader0.dll
[2014.04.01 09:01:54 | 001,434,752 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\vcloader.exe
[2014.03.29 10:27:52 | 000,000,665 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_br.qm
[2014.03.29 10:27:52 | 000,000,629 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_de.qm
[2014.03.29 10:27:52 | 000,000,023 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_en_US.qm
[2014.03.29 10:27:52 | 000,000,627 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_es.qm
[2014.03.29 10:27:52 | 000,000,669 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_fr.qm
[2014.03.29 10:27:52 | 000,000,629 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_it.qm
[2014.03.29 10:27:52 | 000,000,535 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_ja.qm
[2014.03.29 10:27:52 | 000,000,483 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_zh_CN.qm
[2014.03.29 10:27:52 | 000,000,489 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\language\medialoader_zh_TW.qm
[2014.03.20 14:04:04 | 000,005,932 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\plugins\loader.avsi
[2013.03.05 12:11:10 | 000,432,128 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Facebook\ZPSPluginLoader.exe
[2013.03.05 15:03:44 | 000,443,904 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Flickr\ZPSPluginLoader.exe
[2013.03.05 14:34:20 | 000,192,512 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Plugins\Picasa\ZPSPluginLoader.exe
[2013.10.18 22:10:30 | 000,103,960 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\8bfLoader.exe
[2013.10.18 22:10:36 | 000,018,968 | ---- | M] () -- \Program Files\Zoner\Photo Studio 16\Program32\WICLoader.exe
[2013.11.23 15:35:22 | 000,001,108 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013.11.08 18:38:54 | 000,000,883 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Rajče Downloader\Rajče Downloader.lnk
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2013.11.23 15:35:22 | 000,001,108 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013.11.08 18:38:54 | 000,000,883 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Rajče Downloader\Rajče Downloader.lnk
[2014.06.05 12:05:54 | 000,017,912 | ---- | M] () -- \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[3 \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp files -> \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp -> ]
[2014.06.05 12:05:54 | 000,001,980 | ---- | M] () -- \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[1].htm
[2014.06.05 12:05:57 | 000,001,980 | ---- | M] () -- \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[2].htm
[9 \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp files -> \Users\Jarmila\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp -> ]
[2014.01.28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\Jarmila\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\Jarmila\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\Jarmila\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\Jarmila\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\Jarmila\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.08 18:38:54 | 000,000,889 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Rajče Downloader.lnk
[2013.11.23 15:35:24 | 000,001,191 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2014.06.01 09:09:07 | 000,014,777 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\plugin.video.xbmb3c\resources\lib\BackgroundLoader.py
[2014.06.01 09:20:50 | 000,011,328 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\plugin.video.xbmb3c\resources\lib\BackgroundLoader.pyo
[2013.11.23 15:35:23 | 000,001,090 | ---- | M] () -- \Users\Jarmila\Desktop\VIDEO\Freemake Video Downloader.lnk
[2014.05.31 06:52:20 | 000,096,307 | ---- | M] () -- \Users\Jarmila\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\OneNoteOfflineCache_Files\Záloha ovladačů toshiba\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\root\volmgr\runtime\gpuploader_welcome.fen
[2013.12.18 18:19:08 | 000,000,702 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_advoptions.fen
[2013.12.18 18:19:08 | 000,000,634 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_manage_devices.fen
[2013.12.18 18:19:08 | 000,001,139 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_quota_error_estimate.fen
[2013.12.18 18:19:08 | 000,002,181 | ---- | M] () -- \Users\Jarmila\Documents\ZPS15\ZPS15\Archiv médií\Záložní kopie\JARIS-2013-Aug-22 100050.856575\storage\gpuploader_welcome.fen
[2014.06.05 12:05:54 | 000,017,912 | ---- | M] () -- \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[3 \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp files -> \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACAYPKUW\*.tmp -> ]
[2014.06.05 12:05:54 | 000,001,980 | ---- | M] () -- \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[1].htm
[2014.06.05 12:05:57 | 000,001,980 | ---- | M] () -- \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\AdLoader[2].htm
[9 \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp files -> \Users\Jarmila\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\W23RS7N2\*.tmp -> ]
[2014.01.28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\Jarmila\Local Settings\Skype\Apps\login\images\loader.gif
[2014.01.28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\Jarmila\Local Settings\Skype\Apps\login\images\loader.png
[2014.01.28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\Jarmila\Local Settings\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\Jarmila\Local Settings\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\Jarmila\Local Settings\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.08 18:38:54 | 000,000,865 | ---- | M] () -- \Users\Public\Desktop\Rajče Downloader.lnk
[2008.08.25 16:28:13 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.01.19 00:55:55 | 000,071,894 | R--- | M] () -- \Windows\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014.01.04 06:01:14 | 000,071,894 | R--- | M] () -- \Windows\Installer\{AF71B42D-3821-4376-9974-84E507F88EC0}\GPUploader.exe
[2013.12.26 12:40:14 | 000,071,894 | R--- | M] () -- \Windows\Installer\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}\GPUploader.exe
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.02.07 00:27:50 | 003,244,032 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014.02.07 00:25:32 | 000,000,702 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014.02.07 00:25:32 | 000,000,790 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014.02.07 00:25:32 | 000,000,723 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014.02.07 00:25:32 | 000,000,694 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014.02.07 00:25:32 | 000,000,634 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014.02.07 00:25:32 | 000,002,283 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014.02.07 00:25:32 | 000,001,417 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014.02.07 00:25:32 | 000,002,109 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014.02.07 00:25:32 | 000,000,956 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014.02.07 00:25:32 | 000,001,080 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014.02.07 00:25:32 | 000,001,139 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014.02.07 00:25:32 | 000,002,181 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2008.01.21 08:45:35 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 08:45:35 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.01.21 08:45:35 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2010.02.07 00:49:17 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010.02.07 00:49:17 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010.02.07 00:49:18 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.01.21 04:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.21 08:38:38 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.04.30 04:54:28 | 000,003,128 | ---- | M] () -- \Program Files\BlazeVideo\BlazeDTV 6.0\Skins\DTV\PlayListNode.bmp

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.06.09 14:31:40 | 000,000,044 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2014.05.31 18:00:06 | 000,000,985 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\eserialresolver.py
[2014.05.31 18:01:43 | 000,001,401 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\eserialresolver.pyo
[2014.05.31 18:00:06 | 000,001,755 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\sledujuserialyresolver.py
[2014.05.31 18:01:43 | 000,001,845 | ---- | M] () -- \Documents and Settings\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\sledujuserialyresolver.pyo
[2014.06.09 14:31:40 | 000,000,044 | ---- | M] () -- \Documents and Settings\Jarmila\Local Settings\Google\Picasa2\cache\cacheindex_serial.pmp
[2006.10.09 13:00:00 | 000,000,521 | ---- | M] () -- \Program Files\Dream Aquarium\Enter Serial Number.lnk
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.14 13:04:09 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.02.21 19:19:56 | 000,051,622 | ---- | M] () -- \Toshiba\Drivers\Modem\MotorolaModem\VISTAXP2K\smserial.inf
[2008.02.21 19:37:40 | 001,197,568 | ---- | M] () -- \Toshiba\Drivers\Modem\MotorolaModem\VISTAXP2K\amd64\SmSerial.sys
[2008.02.21 19:29:00 | 001,092,608 | ---- | M] () -- \Toshiba\Drivers\Modem\MotorolaModem\VISTAXP2K\x86\SmSerial.sys
[2014.06.09 14:31:40 | 000,000,044 | ---- | M] () -- \Users\Jarmila\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2014.05.31 18:00:06 | 000,000,985 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\eserialresolver.py
[2014.05.31 18:01:43 | 000,001,401 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\eserialresolver.pyo
[2014.05.31 18:00:06 | 000,001,755 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\sledujuserialyresolver.py
[2014.05.31 18:01:43 | 000,001,845 | ---- | M] () -- \Users\Jarmila\AppData\Roaming\XBMC\addons\script.module.stream.resolver\lib\server\sledujuserialyresolver.pyo
[2014.06.09 14:31:40 | 000,000,044 | ---- | M] () -- \Users\Jarmila\Local Settings\Google\Picasa2\cache\cacheindex_serial.pmp
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 13:30:17 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\032ab8e56366d48dc3f04b6eb7bc8c9f\System.Runtime.Serialization.ni.dll
[2014.02.13 13:28:36 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\71d3236a23facafbbb7c81924df6ba0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 10:00:43 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 10:00:43 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 10:02:09 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.13 10:02:09 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.13 11:36:02 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.13 11:36:02 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.08 13:01:09 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2008.01.21 08:44:02 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008.01.21 08:42:01 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2008.01.21 08:42:02 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 09:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 10:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2010.02.07 00:49:21 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2010.02.07 00:49:21 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.01.21 08:45:31 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2010.02.07 00:49:33 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 14:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.06.23 04:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008.06.23 04:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.01.21 04:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008.06.23 04:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2008.06.23 03:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 20:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 18:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2010.04.12 21:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 17:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2008.01.21 08:38:00 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 14:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.06.23 04:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008.08.14 07:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.06.23 04:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008.08.14 07:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.01.21 08:38:23 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.06.23 04:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008.08.14 10:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.06.23 04:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008.08.14 09:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.13 00:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 19:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 21:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 18:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2010.04.13 00:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 20:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 18:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 17:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2006.11.02 14:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.06.23 04:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008.06.23 04:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.01.21 04:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008.06.23 04:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2008.06.23 03:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 20:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 18:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2010.04.12 21:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 17:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2006.11.02 12:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.21 04:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 12:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 14:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.06.23 04:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008.06.23 04:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.01.21 04:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008.06.23 04:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2008.06.23 04:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 20:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 18:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2010.04.12 21:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 17:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2006.10.20 03:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 04:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 20:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 08:40:03 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:43:32 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.06.20 03:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008.06.20 03:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008.06.20 03:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2008.06.20 03:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2009.02.18 20:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 13:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2010.04.12 14:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 12:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2008.01.21 08:42:34 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:43:27 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2008.01.21 08:42:02 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008.01.21 08:41:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:57:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.13 00:56:42 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:43:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:24:37 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.16 00:25:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.01.21 08:41:55 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2008.01.21 08:44:02 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008.01.21 08:42:31 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:07 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:12:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:43:24 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:15:53 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008.08.13 00:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2008.01.21 08:40:22 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008.01.21 08:42:01 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 14:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.06.20 03:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008.06.20 03:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.01.21 04:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008.06.20 03:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2008.06.20 03:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

EXTRAS.TXT

OTL Extras logfile created on: 10.6.2014 7:51:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jarmila\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,87 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 52,27% Memory free
5,95 Gb Paging File | 3,88 Gb Available in Paging File | 65,30% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 13,24 Gb Free Space | 11,39% Space Free | Partition Type: NTFS
Drive D: | 931,29 Gb Total Space | 425,92 Gb Free Space | 45,73% Space Free | Partition Type: FAT32
Drive E: | 115,13 Gb Total Space | 85,22 Gb Free Space | 74,02% Space Free | Partition Type: NTFS
Drive H: | 127,99 Gb Total Space | 83,33 Gb Free Space | 65,11% Space Free | Partition Type: NTFS
Drive J: | 104,89 Gb Total Space | 51,77 Gb Free Space | 49,35% Space Free | Partition Type: NTFS

Computer Name: JARIS | User Name: Jarmila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.js [@ = SubtitleWorkshop] -- C:\Program Files\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe ()

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Print_Directory_Listing] -- Printdir.bat "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1455131556-454660493-2243824727-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{1128918D-213E-400A-9215-CD7FFAB3DDA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{20410807-B05A-4FB2-8BB8-BC3E5ECABE9E}" = lport=137 | protocol=17 | dir=in | app=system |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2A292A40-1901-40D1-AC63-A9446C0F771A}" = rport=138 | protocol=17 | dir=out | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{411C2628-F1BE-47FC-B64A-5FF6510203D1}" = rport=445 | protocol=6 | dir=out | app=system |
"{4453D486-46FE-4076-B8BB-10A72CD70977}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{463C8A82-BF09-44D7-82B8-40670AAB5731}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5135B3D2-6DA5-47A7-9ADC-C30C4ABB1930}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{792BF164-C1FE-41AC-AB96-184AC0D49FD2}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9849298A-D859-4E6F-B146-70F7652F7573}" = lport=445 | protocol=6 | dir=in | app=system |
"{A6C60B7C-44A1-4364-8FC2-1A19F0D81473}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{DED79D37-ADFB-4630-A215-210E180C6F33}" = rport=139 | protocol=6 | dir=out | app=system |
"{ED28E68D-B103-45E6-A53E-580459CE8B6E}" = lport=139 | protocol=6 | dir=in | app=system |
"{EF88AF7F-0FB8-4894-AED6-A6C01A5F4EFD}" = lport=138 | protocol=17 | dir=in | app=system |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{11A57950-6730-4461-AD83-48A20A218EEA}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{12268A0B-DC8C-4656-A33D-7B5CB1D5CE0B}" = protocol=17 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\updates\3.4.1_31139.exe |
"{1319721F-D47E-4EC9-A806-6F801EAFEB33}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{13A3AF5E-E2F3-45E6-A4CC-46E2E101FB4B}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe |
"{21DC911F-2BAF-4B1E-A7E8-BDE52BBAC726}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{23C4B2B4-B78F-48D7-BB0A-750B421CD0E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AEC2AB1-4666-4E1C-B4EB-37DD9541474C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{32A2DE54-88F8-44D3-81B3-A55F17851EBC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{39FA39F2-794E-4B84-AFAC-33C1C445C112}" = protocol=6 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\utorrent.exe |
"{3BAFE9E3-ADE7-42AD-B09E-1805069BE8DC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3ECA8B66-F0BC-452E-BC48-B8C022C5DB86}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{3F5075FA-5D7B-440A-B308-B74904A1A482}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{44478173-7FDE-4CB6-8F27-AC9833200F5B}" = protocol=17 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\utorrent.exe |
"{44DB4584-36DE-4CD7-818E-2A9EBEDB3954}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4D974BFA-B127-4353-80C6-72978D26CC55}" = protocol=6 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\updates\3.4.1_31139.exe |
"{543C6F19-75D0-4941-A2A9-37749B575D65}" = protocol=17 | dir=in | app=c:\users\jarmila\appdata\roaming\dropbox\bin\dropbox.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5A2FDE5E-7270-4EC7-8708-83B97F9ECBA2}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{5AE4E66B-3B92-40C5-BF36-E5DDEEA0456F}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{6044E037-A21F-4415-BEE7-7A8B4B53A322}" = protocol=6 | dir=in | app=c:\users\jarmila\appdata\roaming\dropbox\bin\dropbox.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{6BB3DC58-DC33-43BA-9041-3AFBAD5331E7}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{6DEBFCF3-2AAE-44A1-84A1-77A3432A6B55}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe |
"{7980DD17-79A6-49CC-80AF-D786C7043A37}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8548CA5A-E825-4B7F-8FBA-755582840340}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe |
"{98491228-2524-4DD1-A636-019139C64013}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{99C22DFE-FA39-44D5-932E-86C7BBD53C8A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\usdagent.exe |
"{9C55125F-7E5C-4D1C-8BBD-BD873CEC5624}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A381FCA0-9FB8-431C-89F8-C84BAD23F842}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B186381F-8C21-493E-BE7C-B7032FF9F440}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{B9F6E1E8-7FE9-4893-AC68-1C178BA2CD9C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{BCC1A45A-FB27-4784-8A68-4C91968DDB1C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{D38594DE-6B5A-4217-93FF-BDA6DA3E3576}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung universal scan driver\iccupdater.exe |
"{E3D846C0-3C5F-47EA-96A0-732DB9C18264}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{E49B083C-64F3-4CFB-91E8-7EE22C6EC0B0}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E87EE840-A479-4161-B7F2-153EB9271715}" = protocol=6 | dir=out | app=system |
"{E88F1FBE-554B-4823-80B2-0C5A5DCB7127}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E937A046-1278-4A3A-B439-B8F4876C1736}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{EC4C5789-70A4-40F5-A4E8-29D7C8E593E8}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{EFAC30A3-BC4B-448C-BB9B-84449C677C26}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung universal scan driver\usdagent.exe |
"{F15F206F-E6DC-4435-845B-71D3C0FA48AB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{FA70D15C-F966-478A-8FFC-54143B6D42FB}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"TCP Query User{0A1632AE-26CE-4A1A-9B05-089613DF6494}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{1A8F91E0-1DBD-4A2F-A00B-35E56E7DDA05}C:\program files\xbmc\xbmc.exe" = protocol=6 | dir=in | app=c:\program files\xbmc\xbmc.exe |
"TCP Query User{274BE385-60B5-4EC0-B242-5BE5D3C69AFE}C:\users\jarmila\appdata\roaming\utorrent\updates\3.3.1_29812.exe" = protocol=6 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\updates\3.3.1_29812.exe |
"TCP Query User{47C76852-DDFC-492B-BD7C-0C01447EA453}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{48848A20-7E7A-46D8-84FE-9963355BB5E6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{9D23AB13-D0F3-4E26-9444-AF601BF8AC77}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{BA87483B-6762-4803-A993-885BC8F36BC9}C:\Program Files\foxit software\pdf editor\PDFEdit.exe" = protocol=6 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe |
"TCP Query User{F806CB6B-3003-4C2D-8D53-1D184F5A0D9E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{02083C63-A18D-406D-B430-4592763DFC0C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{2C2CD8C3-DD4B-4651-A1F6-93B601C4F8FA}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{39C29C8D-8D7E-4B61-9853-44022E424515}C:\program files\xbmc\xbmc.exe" = protocol=17 | dir=in | app=c:\program files\xbmc\xbmc.exe |
"UDP Query User{5B7E1622-7999-45B9-8341-D22A8B809A1A}C:\users\jarmila\appdata\roaming\utorrent\updates\3.3.1_29812.exe" = protocol=17 | dir=in | app=c:\users\jarmila\appdata\roaming\utorrent\updates\3.3.1_29812.exe |
"UDP Query User{751613E4-2CEA-413E-AC40-3EF60A71BED8}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{76FC9930-614C-4A6A-9E57-830B99CE9E1F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8895E579-1369-4D66-93CA-1C3D0C3BFFE5}C:\Program Files\foxit software\pdf editor\PDFEdit.exe" = protocol=17 | dir=in | app=c:\program files\foxit software\pdf editor\pdfedit.exe |
"UDP Query User{AF4CC768-88E3-4B0F-9B49-0AA5D16EC00F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}" = Creative Pack Volume 1
"{09B57FFE-E6AA-11DF-8A43-3DDFDFD72085}" = Snagit Stamps Map
"{09E69001-06F9-4767-A7C5-414985CD44CA}" = Snagit Stamps GeneratedStamps
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D8E81A5-B61C-4360-910C-A738FD1B220A}" = Toshiba TEMPRO
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}" = ScoreFitter Volumes 1-2
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.3
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 34
"{26A24AE4-039D-4CA4-87B4-2F83217013F0}" = Java 7 Update 13
"{26B0419F-123C-44C7-8FB0-1A30CAE4E2DF}" = Snagit Stamps GeneratedStamps
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}" = Pinnacle Studio 16
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}" = OLYMPUS Digital Camera Updater
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3AA7960E-DEAE-4D21-93BE-7B0E8EE4D0FA}_is1" = Rajče Downloader verze 1.0.0.0
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4B95ED9D-BF9E-496a-8394-AEA8E6A4E11B}_is1" = Ainishare Free Video Editor 2.9.0
"{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 pro Windows
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52C32940-C538-40CF-8DE9-B91090F49938}" = Infovox Desktop 2.2
"{55BD137D-5AC1-4BC4-9C08-DDCDC88A1B47}" = GIGABYTE Sim Series7
"{5CFC8740-4124-11E1-B134-42D54724019B}" = Snagit Stamps Business
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D347690-E6A9-11DF-A61A-85DEDFD72085}" = Snagit Stamps Callouts-SnagIt81
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EAF9FAA-C4B6-4741-81B4-74CD81759EAA}" = Snagit 11
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61BABBEC-F190-11DF-89D4-2E3AE0D72085}" = Snagit Stamps Numbers-large
"{631141AD-79AA-447F-B403-21C704D39B8C}" = UPC Fiber Power Optimizer
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65406A75-3FC2-4CA4-A139-35D2ED14B9B9}" = Snagit Stamps GeneratedStamps
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.5
"{67A594B2-EB60-4C6C-9F21-20F76EDB8F4F}" = Návody TOSHIBA
"{67DCF096-4124-11E1-A0F2-47D54724019B}" = Snagit Stamps Hand-Drawn
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D115435-0CD8-4D0D-AFF7-38FDA8FB04B9}" = Snagit Stamps 3DAlphabet
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7ABB4A2D-73AD-4758-B4A8-79D1B90C474D}" = Snagit Stamps GeneratedStamps
"{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}" = Pinnacle Studio 16 - Standard Content Pack
"{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1" = Process Liquidator
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8563C444-E6AA-11DF-8DBC-22E0DFD72085}" = Snagit Stamps Shapes
"{881D807E-D4B8-4C38-9FB5-E3DB78B77825}" = Snagit Stamps GeneratedStamps
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88C4D8A6-9954-46A0-965D-92E55DAB8734}" = Premium Pack Volumes 1-2
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E919001-99F2-441D-9DFD-47DDCB4D9D1F}" = Snagit Stamps GeneratedStamps
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91B33C97-16DF-4A79-3990-449F9E068D76}_is1" = Ashampoo Slideshow Studio HD 3 v.3.0.1
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9442353B-D459-4B4F-8A42-A6EE44CA8F29}" = Snagit Stamps GeneratedStamps
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD5D492-E6AA-11DF-8CDB-35E0DFD72085}" = Snagit Stamps Smiley
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB366BFE-E6AA-11DF-8F77-39E0DFD72085}" = Snagit Stamps Smiley 2
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7CE836A-E6AA-11DF-8699-3BE0DFD72085}" = Snagit Stamps Spring
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B945D6E6-6659-4041-97AB-A4A8E1D8E983}" = RealSpeak Solo 4.0 SAPI5 Czech
"{BE14995C-790A-4531-BBF2-2E1AAAC0EDB9}" = Snagit Stamps GeneratedStamps
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CC86C6C4-7E7D-8447-BA9D-2FD7823E5754}_is1" = Ainishare Free Center
"{CDA95D40-E6AA-11DF-A20F-55E0DFD72085}" = Snagit Stamps StrangeHolidays
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3E29D5A-B772-4578-9075-4272569504E2}" = Delete FXP Files Classic
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA6DC4C2-E6A9-11DF-AC26-11DFDFD72085}" = Snagit Stamps FunNumbers
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A34714-4142-11E1-AE8D-6AFD4724019B}" = Snagit Stamps Powered-By-Snagit
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3D181F8-246B-497F-945E-6DB98CBA6677}" = Hollywood FX Volumes 1-3
"{E61CAE2E-6D6E-43C1-941B-17A69BC144C5}" = 602XML Filler
"{E653220E-E6AA-11DF-BD88-6AE0DFD72085}" = Snagit Stamps Time
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{E9DDC9D1-2D27-4BB2-9CBB-7B93D91B7B26}" = WebCam Live
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.206
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}" = Pinnacle Studio 16 - Install Manager
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F7214014-27EE-4237-9978-2F9D1551559B}" = Title Extreme
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"655B116F-5CF5-4376-9A36-9FB163ED609F_is1" = Sonarca Sound Recorder Free 3.0.7
"Abrosoft FantaMorph 5_is1" = Abrosoft FantaMorph 5.3.5
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ainishare Video Editor_is1" = Ainishare Video Editor
"Aleo Flash Intro Banner Maker_is1" = Aleo Flash Intro Banner Maker 3.6
"AMP Font Viewer" = AMP Font Viewer
"Audacity_is1" = Audacity 2.0.3
"Avast" = avast! Free Antivirus
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Balabolka" = Balabolka
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"Dáma 2_is1" = Dáma 2
"DIR2HTML" = DIR2HTML (remove only)
"Dir2Mht_is1" = Dir2Mht 2.1
"Dream Aquarium_is1" = Dream Aquarium
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"EaseUS Partition Master_is1" = EaseUS Partition Master 9.3.0
"EPSON Scanner" = EPSON Scan
"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"ffdshow_is1" = ffdshow v1.3.4513 [2013-05-25]
"FileMenu Tools_is1" = FileMenu Tools
"FormatFactory" = FormatFactory 3.3.4.0
"Foxit PDF Editor" = Foxit PDF Editor
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Google Chrome" = Google Chrome
"Green Screen Wizard Pro 7.4_is1" = GreenScreenWizard 7.4
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IObit Unlocker_is1" = IObit Unlocker
"IrfanView" = IrfanView (remove only)
"jKiwi" = jKiwi
"JPEG Resampler_is1" = JPEG Resampler Vs 5.99.99
"LAME_is1" = LAME v3.99.3 (for Windows)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 29.0.1 (x86 cs)" = Mozilla Firefox 29.0.1 (x86 cs)
"MP3Resizer_is1" = MP3Resizer 1.8.3
"MP4/M4A Plugin (Free/GPL), install for Mind WorkStation_is1" = MP4/M4A Plugin (Free/GPL), install for Mind WorkStation 1.3.4
"MPE" = MyPhoneExplorer
"Nokia Suite" = Nokia Suite
"Opera 12.12.1707" = Opera 12.12
"Pc Translator 2012 1.20" = Pc Translator 2012 1.20
"Picasa 3" = Picasa 3
"PowerArchiver" = PowerArchiver
"PowerISO" = PowerISO
"rajče.net_is1" = rajče verze 58 sestavení 212
"Recuva" = Recuva
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"Software Informer_is1" = Software Informer 1.3.1092.0
"SpeedFan" = SpeedFan (remove only)
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TapinRadio_is1" = TapinRadio 1.58.2
"TeamViewer 9" = TeamViewer 9
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"TeraCopy_is1" = TeraCopy 2.3
"The KMPlayer" = The KMPlayer (remove only)
"TuxGuitar_0" = TuxGuitar 1.2
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Unlocker" = Unlocker 1.9.1
"UPC Fiber Power Optimizer" = UPC Fiber Power Optimizer
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"VobSub" = VobSub v2.23 (Remove Only)
"WhoCrashed_is1" = WhoCrashed 5.01
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"Wondershare PPT to Video_is1" = Wondershare PPT to Video 6.0.0.4
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"XnView_is1" = XnView 2.03
"XnViewMP_is1" = XnViewMP 0.61
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio16_Templates_CZ_is1" = Zoner Photo Studio 16 - Obálky a šablony

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1455131556-454660493-2243824727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent
"XBMC" = XBMC

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.9.2012 2:53:28 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:28 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:28 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:28 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

Error - 28.9.2012 2:53:29 | Computer Name = Jarmila-NBK | Source = Windows Search Service | ID = 3013
Description =

[ OSession Events ]
Error - 16.2.2010 10:12:32 | Computer Name = Jarmila-NBK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 510 seconds with 480 seconds of active time. This session ended with a crash.

Error - 15.2.2012 11:36:21 | Computer Name = Jarmila-NBK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 717
seconds with 540 seconds of active time. This session ended with a crash.

Error - 13.3.2013 11:34:11 | Computer Name = Jarmila-NBK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8.6.2014 0:28:02 | Computer Name = Jaris | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =

Error - 8.6.2014 0:29:12 | Computer Name = Jaris | Source = Service Control Manager | ID = 7000
Description =

Error - 8.6.2014 0:31:22 | Computer Name = Jaris | Source = Service Control Manager | ID = 7034
Description =

Error - 8.6.2014 16:46:29 | Computer Name = Jaris | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =

Error - 8.6.2014 16:47:55 | Computer Name = Jaris | Source = Service Control Manager | ID = 7000
Description =

Error - 8.6.2014 16:50:39 | Computer Name = Jaris | Source = Service Control Manager | ID = 7034
Description =

< End of report >

VIRY.CZ

prosím o kontrolu run32.dll 100% prostředků

prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků

Re: prosím o kontrolu run32.dll 100% prostředků