Virus in WIN7?

Posted: 15 Jul 2014 20:08
by 7omino
Hi, please check my log... yesterday some junk may have been downloaded, and today after turning on the laptop the date and time are nonsensical, Chrome refuses to connect to a lot of pages, icons are disappearing, etc...
I ran ComboFix on it, but the problems persist. Thanks!

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2009-12-07 01:29:53
Microsoft Windows 7 Ultimate
System drive C: has 11 GB (7%) free of 150 GB
Total RAM: 2815 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:29:58, on 7.12.2009
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe
C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\PROGRA~2\Linkey\IEEXTE~1\iedll.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - Startup: Dropbox.lnk = Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SearchProtect32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10299 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"taskhost.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
szndesktop.exe default start
"C:/Users/Tomas/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\explorer.exe
taskhost.exe "C:\Program Files\Microsoft Security Client\MpCmdRun.exe" -IdleTask -TaskName MpIdleTask

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://isearch.omiga-plus.com/?type=sc& ... XX5SX2QEK8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2536.0.1295704646\361959445" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9612 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.56.1.15 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2536.2.1058401591\1212586785" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2536.7.1121942699\1530833893" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="2536.9.1011840689\237580504" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Tomas\Downloads\RSITx64.exe"
taskeng.exe {B394974A-805F-4D20-A18D-0E23AE8C3C0B}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-07-08 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-07-08 885976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-08 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-07-14 515464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\PROGRA~2\Linkey\IEEXTE~1\iedll.dll [2014-04-08 182800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-07-08 710360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"cz.seznam.software.autoupdate"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Akamai NetSession Interface"=C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"SkyDrive"=C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-07-02 251048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SupTab\SearchProtect64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-14 21:36:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-14 21:36:47 ----D---- C:\Windows\system32\Macromed
2014-07-14 21:30:27 ----A---- C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-07-14 20:27:10 ----D---- C:\ProgramData\IePluginServices
2014-07-14 20:27:02 ----D---- C:\Program Files (x86)\SupTab
2014-07-14 20:26:52 ----D---- C:\ProgramData\WindowsMangerProtect
2014-07-14 20:23:51 ----D---- C:\Program Files (x86)\globalUpdate
2014-07-10 20:22:41 ----D---- C:\ProgramData\systemk
2014-07-08 21:16:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-07-08 21:12:24 ----D---- C:\Program Files\Microsoft Office 15
2014-07-02 20:35:19 ----D---- C:\OneDriveTemp
2014-05-26 19:17:59 ----D---- C:\Users\Tomas\AppData\Roaming\systweak
2014-05-26 19:17:19 ----D---- C:\Program Files (x86)\Linkey
2014-05-26 19:17:02 ----D---- C:\Program Files (x86)\Settings Manager
2014-05-26 19:16:41 ----D---- C:\Program Files (x86)\pazera-software
2014-05-26 19:12:07 ----D---- C:\Program Files (x86)\MP4 Converter
2014-05-26 18:59:02 ----D---- C:\ProgramData\Ashampoo
2014-05-26 18:58:58 ----D---- C:\Program Files (x86)\Ashampoo
2014-05-07 21:23:49 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2014-05-07 21:23:25 ----D---- C:\ProgramData\Microsoft OneDrive
2014-05-07 06:27:41 ----D---- C:\Users\Tomas\AppData\Roaming\dvdcss
2014-05-03 13:54:02 ----D---- C:\Users\Tomas\AppData\Roaming\DropboxMaster
2014-05-01 17:13:13 ----D---- C:\ProgramData\Orbit
2014-04-23 02:19:34 ----D---- C:\Windows\Minidump
2014-04-09 20:26:24 ----D---- C:\Users\Tomas\AppData\Roaming\TeamViewer
2014-04-09 20:26:16 ----D---- C:\Program Files (x86)\TeamViewer
2014-03-11 21:55:22 ----D---- C:\Users\Tomas\AppData\Roaming\IMSIDesign
2014-03-11 21:55:22 ----D---- C:\ProgramData\IMSIDesign
2014-03-11 21:55:22 ----D---- C:\Program Files\IMSIDesign
2014-03-11 21:41:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-03-11 21:41:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-03-11 21:41:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-03-11 21:41:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-03-11 21:41:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-03-11 21:41:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-03-11 21:41:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-03-11 21:41:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-03-11 21:41:17 ----A---- C:\Windows\system32\mscoree.dll
2014-03-11 21:41:17 ----A---- C:\Windows\system32\dfshim.dll
2014-03-11 21:37:19 ----D---- C:\Program Files (x86)\TurboCAD 20 Professional 64-bit Setup
2014-03-11 09:52:30 ----A---- C:\Windows\system32\drivers\NisDrvWFP.sys
2014-01-26 17:10:27 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-01-25 01:19:42 ----A---- C:\Windows\system32\drivers\MpFilter.sys
2013-12-25 02:36:29 ----D---- C:\Program Files (x86)\vanBasco's Karaoke Player
2013-12-21 13:59:13 ----D---- C:\Users\Tomas\AppData\Roaming\Apple Computer
2013-12-21 13:58:50 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-21 13:58:50 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-12-21 13:58:08 ----D---- C:\Program Files\iPod
2013-12-21 13:58:07 ----D---- C:\ProgramData\Apple Computer
2013-12-21 13:58:07 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 13:58:07 ----D---- C:\Program Files\iTunes
2013-12-21 13:58:07 ----D---- C:\Program Files (x86)\iTunes
2013-12-21 13:56:55 ----D---- C:\Program Files (x86)\Apple Software Update
2013-12-21 13:56:31 ----D---- C:\Program Files\Common Files\Apple
2013-12-21 13:56:11 ----D---- C:\Program Files\Bonjour
2013-12-21 13:56:11 ----D---- C:\Program Files (x86)\Bonjour
2013-12-21 13:55:51 ----D---- C:\ProgramData\Apple
2013-12-18 19:06:34 ----A---- C:\Windows\system32\mdm.exe
2013-12-02 21:51:57 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2013-12-02 21:21:59 ----D---- C:\Windows\system32\appmgmt
2013-12-02 21:17:56 ----D---- C:\Program Files (x86)\VideoLAN
2013-11-19 19:51:46 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-11-19 19:41:36 ----D---- C:\Program Files\Adobe
2013-11-19 19:40:17 ----D---- C:\Program Files\Common Files\Adobe
2013-11-19 19:38:51 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-19 19:36:02 ----D---- C:\Windows\SYSWOW64\Macromed
2013-11-19 19:35:47 ----D---- C:\Program Files (x86)\Adobe
2013-11-19 19:34:14 ----D---- C:\ProgramData\Adobe
2013-11-19 19:30:38 ----D---- C:\Users\Tomas\AppData\Roaming\Macromedia
2013-11-19 19:30:29 ----D---- C:\Users\Tomas\AppData\Roaming\Adobe
2013-11-19 19:28:44 ----D---- C:\Program Files (x86)\7-Zip
2013-10-17 19:42:11 ----A---- C:\Windows\SYSWOW64\steam_api.dll
2013-10-17 19:41:51 ----D---- C:\ProgramData\Logs
2013-10-17 19:41:49 ----A---- C:\Windows\system32\roboot64.exe
2013-10-17 19:01:42 ----D---- C:\ProgramData\SweetIM
2013-10-17 19:01:42 ----D---- C:\Program Files (x86)\SweetIM
2013-10-17 19:01:30 ----D---- C:\Program Files (x86)\Rocksmith Crack Only-TiNYiSO
2013-10-17 19:00:23 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2013-10-17 18:42:24 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-10-17 18:42:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-10-17 18:42:24 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-10-17 18:42:24 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-10-17 18:42:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-10-17 18:42:24 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-10-17 18:42:24 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-10-17 18:42:24 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-10-17 18:42:24 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-10-17 18:42:24 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-10-17 18:42:23 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-10-17 18:42:22 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-10-17 18:42:22 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-10-17 18:42:22 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-10-17 18:42:22 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-10-17 18:42:22 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-10-17 18:42:22 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-10-17 18:42:22 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-10-17 18:42:22 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-10-17 18:42:22 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-10-17 18:42:22 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-10-17 18:42:21 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-10-17 18:42:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-10-17 18:42:21 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-10-17 18:42:21 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-10-17 18:42:20 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-10-17 18:42:20 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-10-17 18:42:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-10-17 18:42:19 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-10-17 18:42:19 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-10-17 18:42:19 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-10-17 18:42:18 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-10-17 18:42:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-10-17 18:42:18 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-10-17 18:42:18 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-10-17 18:42:18 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-10-17 18:42:18 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-10-17 18:42:18 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-10-17 18:42:18 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-10-17 18:42:17 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-10-17 18:42:17 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-10-17 18:42:16 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-10-17 18:42:16 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-10-17 18:42:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-10-17 18:42:16 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-10-17 18:42:16 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-10-17 18:42:16 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-10-17 18:42:15 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-10-17 18:42:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-10-17 18:42:15 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-10-17 18:42:15 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-10-17 18:42:15 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-10-17 18:42:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-10-17 18:42:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-10-17 18:42:14 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-10-17 18:42:13 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-10-17 18:42:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-10-17 18:42:13 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-10-17 18:42:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-10-17 18:42:13 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-10-17 18:42:13 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-10-17 18:42:13 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-10-17 18:42:13 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-10-17 18:42:13 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-10-17 18:42:13 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-10-17 18:42:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-10-17 18:42:12 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-10-17 18:42:11 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-10-17 18:42:11 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-10-17 18:42:11 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-10-17 18:42:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-10-17 18:42:11 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-10-17 18:42:11 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-10-17 18:42:11 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-10-17 18:42:11 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-10-17 18:42:10 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-10-17 18:42:10 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-10-17 18:42:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-10-17 18:42:10 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-10-17 18:42:10 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-10-17 18:42:10 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-10-17 18:42:09 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-10-17 18:42:09 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-10-17 18:42:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-10-17 18:42:09 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-10-17 18:42:09 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-10-17 18:42:09 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-10-17 18:42:08 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-10-17 18:42:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-10-17 18:42:08 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-10-17 18:42:08 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-10-17 18:42:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-10-17 18:42:08 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-10-17 18:42:08 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-10-17 18:42:08 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-10-17 18:42:08 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-10-17 18:42:08 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-10-17 18:42:07 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-10-17 18:42:07 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-10-17 18:42:07 ----A---- C:\Windows\system32\xinput1_3.dll
2013-10-17 18:42:07 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-10-17 18:42:06 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-10-17 18:42:06 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-10-17 18:42:06 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-10-17 18:42:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-10-17 18:42:06 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-10-17 18:42:06 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-10-17 18:42:06 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-10-17 18:42:06 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-10-17 18:42:05 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-10-17 18:42:05 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-10-17 18:42:05 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-10-17 18:42:05 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-10-17 18:42:05 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-10-17 18:42:05 ----A---- C:\Windows\system32\d3dx10.dll
2013-10-17 18:42:04 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-10-17 18:42:04 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-10-17 18:42:04 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-10-17 18:42:04 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-10-17 18:42:04 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-10-17 18:42:04 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-10-17 18:42:04 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-10-17 18:42:04 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-10-17 18:42:03 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-10-17 18:42:03 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-10-17 18:42:03 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-10-17 18:42:03 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-10-17 18:42:03 ----A---- C:\Windows\system32\xinput1_2.dll
2013-10-17 18:42:03 ----A---- C:\Windows\system32\xinput1_1.dll
2013-10-17 18:42:03 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-10-17 18:42:03 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-10-17 18:42:02 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-10-17 18:42:02 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-10-17 18:41:59 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-10-17 18:41:59 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-10-17 18:41:59 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-10-17 18:41:59 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-10-17 18:41:59 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-10-17 18:41:59 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-10-17 18:41:58 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-10-17 18:41:58 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-10-17 18:41:58 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-10-17 18:41:58 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-10-17 18:41:57 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-10-17 18:41:57 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-10-17 18:41:57 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-10-17 18:41:57 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-10-17 18:41:56 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-10-17 18:41:56 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-10-17 18:41:55 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-10-17 18:41:55 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-10-17 18:33:19 ----D---- C:\Users\Tomas\AppData\Roaming\ParetoLogic
2013-10-17 18:33:19 ----D---- C:\Users\Tomas\AppData\Roaming\DriverCure
2013-10-17 18:33:08 ----D---- C:\ProgramData\ParetoLogic
2013-10-17 17:35:30 ----AD---- C:\ProgramData\TEMP
2013-10-17 17:30:47 ----D---- C:\Program Files (x86)\Ubisoft
2013-10-17 17:30:23 ----A---- C:\Users\Tomas\AppData\Roaming\regsvr32.exe_log.txt
2013-10-17 17:30:23 ----A---- C:\Users\Tomas\AppData\Roaming\LiveSupport.exe_log.txt
2013-10-17 17:29:58 ----D---- C:\Program Files (x86)\Seznam.cz
2013-10-17 17:29:35 ----D---- C:\Users\Tomas\AppData\Roaming\Seznam.cz
2013-10-17 17:26:44 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-10-17 17:26:41 ----D---- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
2013-10-17 17:26:38 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-10-17 17:23:36 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-09 20:17:40 ----D---- C:\Users\Tomas\AppData\Roaming\Dropbox
2013-10-08 19:43:53 ----D---- C:\Program Files (x86)\Microsoft Works
2013-10-08 19:41:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2013-10-08 19:39:53 ----D---- C:\Windows\PCHEALTH
2013-10-08 19:39:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-10-08 19:31:38 ----D---- C:\Program Files\Microsoft Office
2013-10-08 19:31:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-10-08 19:29:18 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-08 19:29:17 ----D---- C:\ProgramData\Microsoft Help
2013-10-08 19:25:42 ----RD---- C:\MSOCache
2013-10-08 19:24:12 ----D---- C:\Program Files\7-Zip
2013-10-08 18:30:56 ----A---- C:\Windows\system32\wups2.dll
2013-10-08 18:30:56 ----A---- C:\Windows\system32\wucltux.dll
2013-10-08 18:30:56 ----A---- C:\Windows\system32\wuaueng.dll
2013-10-08 18:30:56 ----A---- C:\Windows\system32\wuauclt.exe
2013-10-08 18:30:38 ----A---- C:\Windows\system32\wups.dll
2013-10-08 18:30:38 ----A---- C:\Windows\system32\wudriver.dll
2013-10-08 18:30:38 ----A---- C:\Windows\system32\wuapi.dll
2013-10-08 18:30:19 ----A---- C:\Windows\system32\wuwebv.dll
2013-10-08 18:30:19 ----A---- C:\Windows\system32\wuapp.exe
2013-10-07 20:36:52 ----D---- C:\Windows\Panther
2013-10-07 20:36:21 ----D---- C:\Windows\system32\oem
2013-10-07 20:11:02 ----SHD---- C:\Windows\Installer
2013-10-07 20:06:44 ----D---- C:\Program Files (x86)\Google
2013-10-07 20:06:19 ----N---- C:\Windows\system32\MpSigStub.exe
2013-10-07 19:50:50 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2013-10-07 19:50:39 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2013-10-07 19:50:39 ----D---- C:\Users\Tomas\AppData\Roaming\Media Center Programs
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Šablony
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Plocha
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Oblíbené položky
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Nabídka Start
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Dokumenty
2013-10-07 19:50:25 ----SHD---- C:\ProgramData\Data aplikací
2013-10-07 19:50:25 ----D---- C:\Recovery
2013-10-07 19:41:07 ----D---- C:\Windows\SoftwareDistribution
2013-10-07 19:40:55 ----A---- C:\Windows\system32\atiicdxx.dat
2013-10-07 19:38:22 ----D---- C:\Windows\Prefetch
2013-10-07 19:38:04 ----ASH---- C:\pagefile.sys
2013-10-07 19:38:01 ----SHD---- C:\System Volume Information
2013-10-07 19:38:01 ----ASH---- C:\hiberfil.sys
2012-12-13 14:50:38 ----A---- C:\Windows\system32\usbaaplrc.dll
2012-12-13 14:50:36 ----A---- C:\Windows\system32\drivers\usbaapl64.sys
2012-08-21 13:01:20 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2012-08-21 13:01:20 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-08-30 23:05:32 ----A---- C:\Windows\system32\jdns_sd.dll
2011-08-30 23:05:32 ----A---- C:\Windows\system32\dnssdX.dll
2011-08-30 23:05:32 ----A---- C:\Windows\system32\dns-sd.exe
2011-08-30 23:05:32 ----A---- C:\Windows\system32\dnssd.dll
2011-08-30 23:05:04 ----A---- C:\Windows\SYSWOW64\jdns_sd.dll
2011-08-30 23:05:04 ----A---- C:\Windows\SYSWOW64\dnssdX.dll
2011-08-30 23:05:04 ----A---- C:\Windows\SYSWOW64\dns-sd.exe
2011-08-30 23:05:04 ----A---- C:\Windows\SYSWOW64\dnssd.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\vcomp100.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfcm100u.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfcm100.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100u.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100.dll
2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\atl100.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\vcomp100.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\msvcp100.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfcm100u.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfcm100.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100u.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100.dll
2011-02-19 22:51:56 ----A---- C:\Windows\system32\atl100.dll
2011-02-19 00:52:32 ----A---- C:\Windows\system32\msvcr100.dll
2011-02-19 00:40:50 ----A---- C:\Windows\SYSWOW64\msvcr100.dll
2010-03-18 17:23:04 ----A---- C:\Windows\system32\aspnet_counters.dll
2010-03-18 16:47:22 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2010-03-18 14:27:14 ----A---- C:\Windows\system32\msvcr100_clr0400.dll
2010-03-18 13:16:28 ----A---- C:\Windows\SYSWOW64\msvcr100_clr0400.dll
2010-03-05 10:13:40 ----A---- C:\Windows\SYSWOW64\msjava.dll
2009-12-07 01:29:53 ----D---- C:\rsit
2009-12-07 01:29:53 ----D---- C:\Program Files\trend micro
2009-12-07 00:51:38 ----A---- C:\ComboFix.txt
2009-12-07 00:45:45 ----SHD---- C:\$RECYCLE.BIN
2009-12-06 23:49:18 ----A---- C:\Windows\zip.exe
2009-12-06 23:49:18 ----A---- C:\Windows\SWSC.exe
2009-12-06 23:49:18 ----A---- C:\Windows\SWREG.exe
2009-12-06 23:49:18 ----A---- C:\Windows\sed.exe
2009-12-06 23:49:18 ----A---- C:\Windows\PEV.exe
2009-12-06 23:49:18 ----A---- C:\Windows\NIRCMD.exe
2009-12-06 23:49:18 ----A---- C:\Windows\MBR.exe
2009-12-06 23:49:18 ----A---- C:\Windows\grep.exe
2009-12-06 23:46:18 ----D---- C:\Qoobox
2009-12-06 23:45:41 ----D---- C:\Windows\erdnt
2009-12-06 23:15:33 ----D---- C:\Program Files (x86)\Microsoft Security Client
2009-12-06 23:15:25 ----D---- C:\Program Files\Microsoft Security Client
2009-12-06 23:15:10 ----A---- C:\Windows\system32\drivers\tcpip.sys
2009-12-06 23:15:10 ----A---- C:\Windows\system32\drivers\netio.sys

======List of files/folders modified in the last 1 month======

2014-07-14 21:37:00 ----D---- C:\Windows\Downloaded Program Files
2014-07-14 20:27:10 ----D---- C:\ProgramData
2014-07-10 20:13:34 ----D---- C:\Windows\Microsoft.NET
2014-07-10 20:13:02 ----RSD---- C:\Windows\assembly
2014-07-09 20:21:25 ----RSD---- C:\Windows\Fonts
2014-07-08 21:19:01 ----D---- C:\Windows\system32\DriverStore
2014-07-08 21:16:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-01 15:21:41 ----D---- C:\Windows\system32\wdi
2014-04-16 21:38:10 ----D---- C:\Windows\system32\NDF
2014-03-11 21:42:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-03-11 21:42:45 ----D---- C:\Windows\system32\en-US
2014-03-11 21:40:33 ----D---- C:\Windows\Logs
2014-02-14 17:19:35 ----D---- C:\Windows\rescache
2013-12-21 13:56:31 ----D---- C:\Program Files\Common Files
2013-12-21 11:33:44 ----D---- C:\Windows\system32\drivers\UMDF
2013-10-17 18:21:36 ----D---- C:\Windows\system32\cs-CZ
2013-10-08 19:43:12 ----D---- C:\Program Files (x86)\MSBuild
2013-10-08 19:41:40 ----D---- C:\Windows\ShellNew
2013-10-08 19:18:15 ----D---- C:\Windows\system32\LogFiles
2013-10-07 20:36:22 ----D---- C:\Windows\system32\oobe
2013-10-07 20:36:21 ----D---- C:\Windows\Setup
2013-10-07 20:05:35 ----D---- C:\Windows\system32\restore
2013-10-07 19:53:02 ----D---- C:\Windows\system32\CodeIntegrity
2013-10-07 19:50:36 ----RD---- C:\Users
2013-10-07 19:50:25 ----D---- C:\Windows\system32\Recovery
2013-10-07 19:50:25 ----D---- C:\Program Files\Windows NT
2013-10-07 19:47:56 ----D---- C:\Windows\debug
2013-10-07 19:41:31 ----D---- C:\Windows\system32\sysprep
2013-10-07 19:38:51 ----D---- C:\Windows\CSC
2009-12-07 01:29:53 ----RD---- C:\Program Files
2009-12-07 01:29:45 ----D---- C:\Windows\Temp
2009-12-07 01:27:21 ----D---- C:\Windows\system32\config
2009-12-07 00:51:41 ----D---- C:\Windows\system32\drivers
2009-12-07 00:50:13 ----D---- C:\Windows\Tasks
2009-12-07 00:50:13 ----D---- C:\Windows\system32\Tasks
2009-12-07 00:49:59 ----D---- C:\Windows\System32
2009-12-07 00:49:59 ----D---- C:\Windows\inf
2009-12-07 00:49:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-07 00:45:00 ----D---- C:\Windows
2009-12-07 00:45:00 ----A---- C:\Windows\system.ini
2009-12-07 00:44:56 ----D---- C:\Windows\system32\drivers\etc
2009-12-07 00:38:22 ----D---- C:\Windows\SYSWOW64\drivers
2009-12-07 00:38:22 ----D---- C:\Windows\SysWOW64
2009-12-07 00:38:22 ----D---- C:\Windows\AppPatch
2009-12-07 00:38:20 ----D---- C:\Program Files (x86)\Common Files
2009-12-06 23:17:40 ----D---- C:\Windows\winsxs
2009-12-06 23:15:35 ----D---- C:\Windows\system32\catroot
2009-12-06 23:15:33 ----SD---- C:\ProgramData\Microsoft
2009-12-06 23:15:33 ----RD---- C:\Program Files (x86)
2009-12-06 23:15:19 ----D---- C:\Windows\system32\catroot2
2009-12-06 23:04:09 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64; C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [2014-07-13 61120]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [2014-07-09 41872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-06-19 2356408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-07-14 759688]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-14 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-07 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-06-26 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-06-26 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SystemkService;Systemk Service; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [2014-07-09 3572240]

-----------------EOF-----------------

Re: Virus in WIN7?

Posted: 15 Jul 2014 20:11
by Rudy
Hello!
Is your OS a legal copy?

Re: Virus in WIN7?

Posted: 15 Jul 2014 20:21
by 7omino
It should be fine, I had it reinstalled at a repair shop back then... why, is something wrong?

Re: Virus in WIN7?

Posted: 15 Jul 2014 20:53
by Rudy
Try this procedure:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "Scan All Users", "LOP Check" and "Purity Check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Run Scan<. Post both logs.

Re: Virus in WIN7?

Posted: 15 Jul 2014 21:22
by 7omino
OTL Extras logfile created on: 7.12.2009 2:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 41,67% Memory free
5,50 Gb Paging File | 3,52 Gb Available in Paging File | 63,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 10,56 Gb Free Space | 7,22% Space Free | Partition Type: NTFS
Drive D: | 122,31 Gb Total Space | 64,18 Gb Free Space | 52,48% Space Free | Partition Type: NTFS
Drive G: | 7,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: TOMAS-NB | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E65ABF-2EF7-4FF8-A8E2-01E7BE6008B9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{1B1BE3DA-549D-47AC-B547-976C89C2F296}" = rport=139 | protocol=6 | dir=out | app=system |
"{26EE296D-439C-4229-BC77-EE35821E9D14}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{43F1FD65-D447-493C-BB40-7C6101EFA3A4}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F39D162-D30D-4611-B887-65C6F70D2661}" = lport=137 | protocol=17 | dir=in | app=system |
"{8794F98B-59A1-4C0C-95A0-FD11423A8AFF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A16C62F1-1972-43BF-858F-F41CCE3062CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD3D3878-25F0-4194-B470-F4DC7D5746D9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BE24B5C3-8216-4DC3-B1A5-DB15172A81A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CBC351AE-D7F3-4E3B-A23E-EDE452B3E363}" = rport=445 | protocol=6 | dir=out | app=system |
"{D879C5B4-6BB2-41EE-BAEE-278C5503638D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D8B3EFE9-B815-4368-827E-F9BAA155BCF2}" = lport=139 | protocol=6 | dir=in | app=system |
"{DF47B938-3A2E-4FF1-A0D6-5CA2F31ADDBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E66FBAA2-D34B-47AE-8B20-C56B158398E3}" = rport=138 | protocol=17 | dir=out | app=system |
"{F59356A4-9AB2-4C9C-A194-ADAD84C87DDD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F6726555-08D9-426C-B492-B1A442DFE851}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDE0C23E-1D70-44E2-A0DE-64201598AB62}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D531767-00E2-439F-AA84-4A84933B1CDD}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{153AB741-089D-4766-B538-0667F40CF195}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{201F1859-6E09-4A2C-99FE-02D3575D4266}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{2EE7962D-94CD-473D-88AE-49487924AF58}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{43286739-2EC8-4059-97C8-71120220A44E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4723D8E6-B283-463F-A719-C4880BE0473F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4E508FC9-28A4-4384-9CB6-32CF716926F8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{5704D13E-4557-4036-A410-8FCB17456B33}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{5A7F2E8B-1101-4BD7-9BE5-E3D89679AD88}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5C60B42A-4AEB-46E3-B801-1F29DAFEC358}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{664AD47F-6F89-4E4D-8611-1611E0E30636}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6B5C2F89-B79C-4E02-B361-F2C0F1AC7CC2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{77A3B1AD-6C36-4053-A876-90E3D11B6456}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8BB4EEF1-2CEF-45E8-BC16-D95BE54ADBCE}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{954C264D-BEEA-4734-9E26-DD957348E11A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{95E9933F-25DD-4729-90FC-C7741B47A335}" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{A99213EC-CC6C-41E8-AF9E-F150FBF76498}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD021360-2F09-41F7-B50B-CAAFE9BB7EA8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AE6D38E9-AC30-41D1-956F-1835CAFFDFC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B9C67DD5-812D-4C6F-A832-E4B09415ADF5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B9DBC016-B1CE-4476-A355-A2B270E0D3F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C44C5091-8144-46BD-8420-11AC511B41BB}" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\utorrent\utorrent.exe |
"{CCB2AE24-95CC-4C11-AFF0-57136C40C64F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D66B5F25-C172-468B-966A-37F9A1F8F534}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{DB640618-7084-416F-A627-540DCFC8377D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E6B0CCB7-482E-4D4C-9F24-3FB95AE672CD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E7D0D352-F3A5-46C9-8F0C-BA1DE23CE977}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{EF056080-CE30-4541-9ADE-BD1CF01B0C07}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EF09B74B-69D1-4273-9D85-017035F526F9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{F4EA4145-46E2-413E-91C5-378242C71407}" = dir=in | app=c:\users\tomas\appdata\local\microsoft\skydrive\skydrive.exe |
"{F51EF321-8960-494A-8ADE-E8F32647F554}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{070B2A15-901D-410D-B6C2-1333CA3BC2E3}C:\users\tomas\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\local\akamai\netsession_win.exe |
"TCP Query User{41E2A0D5-626F-4CAD-8FBC-9FB5D063D87F}C:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{BC384CFB-B3AE-47E6-AFFC-215A4BE8EB48}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"TCP Query User{F7F56634-FB46-4947-A563-FE5A7CA17738}C:\users\tomas\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\tomas\appdata\local\akamai\netsession_win.exe |
"UDP Query User{612136E0-C0E3-4E1C-B4A2-1365C695A371}C:\users\tomas\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\local\akamai\netsession_win.exe |
"UDP Query User{ADCD5FA2-6C02-4E39-87CB-0644149ED748}C:\users\tomas\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B2FB1573-6CC2-4F67-919E-8624895DA34C}C:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tomas\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B88BCCAD-AA14-4E9C-A304-A0BD0544EED9}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{3B2615FB-85C7-4AE3-81E0-99F4964B6C7C}" = TurboCAD Professional 20 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"OneNoteFreeRetail - cs-cz" = Microsoft OneNote 2013 - cs-cz

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.8
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1" = Ashampoo Movie Studio v.1.0.13
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"ASIO4ALL" = ASIO4ALL
"bi_uninstaller" = Bundled software uninstaller
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"MP4 Converter_is1" = MP4 Converter 2.02
"Rocksmith_is1" = Rocksmith
"Settings Manager" = Settings Manager
"TeamViewer 9" = TeamViewer 9
"VLC media player" = VLC media player 2.1.1
"VMidi" = vanBasco's Karaoke Player

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Linkey" = Linkey
"OneDriveSetup.exe" = Microsoft OneDrive
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.12.2009 20:25:39 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:25:39 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:25:39 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:25:39 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:25:45 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:25:47 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:28:14 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:29:45 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 20:59:45 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 6.12.2009 21:12:54 | Computer Name = Tomas-NB | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

[ System Events ]
Error - 6.12.2009 18:21:12 | Computer Name = Tomas-NB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0 Zdroj aktualizace: %%851 Fáze aktualizace: %%854

Zdrojová
cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Tomas-NB\Tomas Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0 Kód chyby: 0x80070652 Popis chyby: Momentálně je
spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou
instalaci.

Error - 6.12.2009 18:21:12 | Computer Name = Tomas-NB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0 Zdroj aktualizace: %%851 Fáze aktualizace: %%854

Zdrojová
cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Tomas-NB\Tomas Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0 Kód chyby: 0x80070652 Popis chyby: Momentálně je
spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou
instalaci.

Error - 6.12.2009 18:21:21 | Computer Name = Tomas-NB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: Zdroj aktualizace: %%815 Fáze aktualizace: %%854 Zdrojová
cesta: Typ podpisu: Typ aktualizace: Uživatel: Tomas-NB\Tomas Aktuální verze modulu:
Předchozí verze modulu: Kód chyby: 0x80070652 Popis chyby: Momentálně je spuštěna
jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.


Error - 6.12.2009 18:46:03 | Computer Name = Tomas-NB | Source = Service Control Manager | ID = 7034
Description = Služba IePlugin Services byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.12.2009 19:36:07 | Computer Name = Tomas-NB | Source = DCOM | ID = 10010
Description =

Error - 6.12.2009 19:38:06 | Computer Name = Tomas-NB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 6.12.2009 19:42:56 | Computer Name = Tomas-NB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 6.12.2009 19:43:05 | Computer Name = Tomas-NB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 6.12.2009 19:45:08 | Computer Name = Tomas-NB | Source = Service Control Manager | ID = 7034
Description = Služba Systemk Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.12.2009 20:11:15 | Computer Name = Tomas-NB | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.


< End of report >

Re: Virus in WIN7?

Posted: 15 Jul 2014 21:24
by 7omino
OTL logfile created on: 7.12.2009 2:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomas\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 41,67% Memory free
5,50 Gb Paging File | 3,52 Gb Available in Paging File | 63,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 10,56 Gb Free Space | 7,22% Space Free | Partition Type: NTFS
Drive D: | 122,31 Gb Total Space | 64,18 Gb Free Space | 52,48% Space Free | Partition Type: NTFS
Drive G: | 7,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: TOMAS-NB | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.07.14 20:27:06 | 000,759,688 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe
PRC - [2014.07.08 21:13:53 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
PRC - [2014.07.02 20:29:11 | 000,251,048 | ---- | M] (Microsoft Corporation) -- C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2014.07.02 10:45:03 | 013,115,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.07.02 10:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.07.02 10:30:03 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014.06.05 14:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.05.20 01:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.04.17 20:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.07.03 14:16:38 | 002,612,320 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2012.08.15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2009.12.07 02:19:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Downloads\OTL.exe
PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe


========== Modules (No Company Name) ==========

MOD - [2014.07.08 21:12:53 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014.06.05 14:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014.06.05 14:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014.06.05 14:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014.06.05 14:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014.06.05 14:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014.01.03 02:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.09.13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.09.13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.08.23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\16110libfoxloader.dll
MOD - [2013.03.25 15:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2009.12.07 00:46:07 | 000,043,008 | ---- | M] () -- c:\Users\Tomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0_z5lg.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.06.19 02:56:34 | 002,356,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014.03.11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.03.11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.07.14 21:36:54 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.14 20:27:06 | 000,759,688 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014.07.14 20:23:49 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014.07.09 16:03:58 | 003,572,240 | ---- | M] (Aztec Media Inc) [Disabled | Stopped] -- C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
SRV - [2014.07.02 10:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.07.13 08:08:48 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys -- ({ed7eb956-75ed-460d-8f69-29a93b07afd1}w64)
DRV:64bit: - [2014.03.11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.10.17 17:26:44 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 22:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014.07.09 16:04:00 | 000,041,872 | ---- | M] (Aztec Media Inc) [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 26186DD50F}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{1ABBEACB-8F39-4CBE-9B1A-90089473191A}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{30AB3D52-7DD7-4B9C-90BD-F6CA3A0B1811}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... earchTerms}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{610E75F9-E16B-4059-B2DE-5C0B0B52FD5B}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{6ED3F40F-7ABD-4E4F-80FC-73163110F569}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{7A4C6ED6-1681-457A-BD0F-2A6ED764B958}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{A8809073-95B2-4FF1-B026-78B8185C65B0}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{E95BC9D8-5399-4577-8638-BA300635E4A2}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{EB5ABBC5-3F7A-4F56-BEC7-C2A65F8D7B71}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 26186DD50F}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{FBC1F2C1-C626-4032-BBE3-2BDAAC9B89BC}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/?clid=13415
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.1.4_0\
CHR - Extension: AdBlock = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: Peněženka Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: Gmail = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Dokumenty Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.1.4_0\
CHR - Extension: AdBlock = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: Peněženka Google = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: Gmail = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.12.07 00:44:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [Akamai NetSession Interface] C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000..\Run: [SkyDrive] C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFBEEB11-9037-4DE9-BE4B-E7F8F8F556DB}: DhcpNameServer = 213.46.172.37 213.46.172.36
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SupTab\SearchProtect64.dll) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (Skytech Co., Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SearchProtect32.dll) - C:\Program Files (x86)\SupTab\SearchProtect32.dll (Skytech Co., Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.21 15:56:36 | 000,000,062 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.07.14 21:36:52 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.07.14 21:36:52 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.14 21:36:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.07.14 21:30:27 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
[2014.07.14 20:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014.07.14 20:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014.07.14 20:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014.07.14 20:24:01 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2014.07.14 20:23:51 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\globalUpdate
[2014.07.14 20:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014.07.10 20:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\systemk
[2014.07.08 21:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014.07.08 21:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014.07.08 21:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014.07.08 21:07:57 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\Poznámkové bloky aplikace OneNote
[2014.07.02 20:35:19 | 000,000,000 | ---D | C] -- C:\OneDriveTemp
[2014.07.01 22:00:51 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\wav
[2014.05.26 19:17:59 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\systweak
[2014.05.26 19:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linkey
[2014.05.26 19:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Settings Manager
[2014.05.26 19:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pazera Free MP4 to AVI Converter
[2014.05.26 19:16:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pazera-software
[2014.05.26 19:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 Converter
[2014.05.26 19:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP4 Converter
[2014.05.26 19:00:35 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Ashampoo Movie Studio
[2014.05.26 18:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2014.05.26 18:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2014.05.26 18:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2014.05.07 21:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2014.05.07 21:23:47 | 000,000,000 | R--D | C] -- C:\Users\Tomas\OneDrive
[2014.05.07 21:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014.05.07 06:27:41 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\dvdcss
[2014.05.06 22:08:02 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\poslední foto iPhone
[2014.05.06 21:52:16 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\kontakty iP
[2014.05.03 13:54:02 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DropboxMaster
[2014.05.01 17:13:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\SKIDROW
[2014.05.01 17:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2014.04.23 02:19:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014.04.09 20:26:24 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\TeamViewer
[2014.04.09 20:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014.03.11 22:03:53 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\CrashRpt
[2014.03.11 21:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMSIDesign TurboCAD Professional 20 - x64
[2014.03.11 21:55:22 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\TurboCAD Professional 20 CZ
[2014.03.11 21:55:22 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\IMSIDesign
[2014.03.11 21:55:22 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\IMSIDesign
[2014.03.11 21:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IMSIDesign
[2014.03.11 21:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\IMSIDesign
[2014.03.11 21:41:17 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.03.11 21:41:17 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.03.11 21:41:17 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2014.03.11 21:41:17 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2014.03.11 21:41:17 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2014.03.11 21:41:17 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2014.03.11 21:41:17 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2014.03.11 21:41:17 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2014.03.11 21:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TurboCAD 20 Professional 64-bit Setup
[2014.03.11 09:52:30 | 000,133,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[2014.03.04 20:18:40 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
[2014.01.15 18:59:21 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\temp
[2013.12.25 02:36:30 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
[2013.12.25 02:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vanBasco's Karaoke Player
[2013.12.21 13:59:13 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Apple Computer
[2013.12.21 13:59:13 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Apple Computer
[2013.12.21 13:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.12.21 13:58:50 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.12.21 13:58:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.12.21 13:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.12.21 13:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.12.21 13:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.12.21 13:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.12.21 13:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.12.21 13:56:58 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Apple
[2013.12.21 13:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.12.21 13:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.12.21 13:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.12.21 13:56:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.12.21 13:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.12.21 13:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.12.18 19:06:34 | 000,130,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdm.exe
[2013.12.02 21:51:57 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\vlc
[2013.12.02 21:21:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.12.02 21:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.12.02 21:17:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.12.02 19:51:52 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Akamai
[2013.11.19 19:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013.11.19 19:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.11.19 19:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.11.19 19:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013.11.19 19:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2013.11.19 19:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.11.19 19:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.11.19 19:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.11.19 19:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.11.19 19:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.11.19 19:30:38 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2013.11.19 19:30:29 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2013.11.19 19:29:44 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Adobe
[2013.11.19 19:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.10.17 19:42:11 | 000,105,808 | ---- | C] (Valve Corporation) -- C:\Windows\SysWow64\steam_api.dll
[2013.10.17 19:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013.10.17 19:41:49 | 000,018,816 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013.10.17 19:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2013.10.17 19:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2013.10.17 19:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rocksmith Crack Only-TiNYiSO
[2013.10.17 19:00:23 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2013.10.17 19:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2013.10.17 18:42:24 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.10.17 18:42:24 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.10.17 18:42:24 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.10.17 18:42:24 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.10.17 18:42:24 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.10.17 18:42:24 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.10.17 18:42:24 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.10.17 18:42:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.10.17 18:42:24 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.10.17 18:42:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.10.17 18:42:23 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.10.17 18:42:23 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.10.17 18:42:23 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.10.17 18:42:23 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.10.17 18:42:23 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.10.17 18:42:23 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.10.17 18:42:22 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.10.17 18:42:22 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.10.17 18:42:22 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.10.17 18:42:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.10.17 18:42:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.10.17 18:42:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.10.17 18:42:22 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.10.17 18:42:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.10.17 18:42:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.10.17 18:42:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.10.17 18:42:21 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.10.17 18:42:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.10.17 18:42:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.10.17 18:42:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.10.17 18:42:20 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.10.17 18:42:20 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.10.17 18:42:19 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.10.17 18:42:19 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.10.17 18:42:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.10.17 18:42:19 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.10.17 18:42:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.10.17 18:42:19 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.10.17 18:42:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.10.17 18:42:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.10.17 18:42:19 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.10.17 18:42:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.10.17 18:42:18 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.10.17 18:42:18 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.10.17 18:42:18 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.10.17 18:42:18 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.10.17 18:42:18 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.10.17 18:42:18 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.10.17 18:42:18 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.10.17 18:42:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.10.17 18:42:17 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.10.17 18:42:17 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.10.17 18:42:16 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.10.17 18:42:16 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.10.17 18:42:16 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.10.17 18:42:16 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.10.17 18:42:16 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.10.17 18:42:16 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.10.17 18:42:15 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.10.17 18:42:15 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.10.17 18:42:15 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.10.17 18:42:15 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.10.17 18:42:15 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.10.17 18:42:15 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.10.17 18:42:14 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.10.17 18:42:14 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.10.17 18:42:14 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.10.17 18:42:14 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.10.17 18:42:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.10.17 18:42:14 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.10.17 18:42:14 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.10.17 18:42:14 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.10.17 18:42:14 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.10.17 18:42:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.10.17 18:42:14 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.10.17 18:42:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.10.17 18:42:13 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.10.17 18:42:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.10.17 18:42:13 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.10.17 18:42:13 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.10.17 18:42:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.10.17 18:42:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.10.17 18:42:13 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.10.17 18:42:13 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.10.17 18:42:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.10.17 18:42:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.10.17 18:42:12 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.10.17 18:42:12 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.10.17 18:42:12 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.10.17 18:42:12 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.10.17 18:42:12 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.10.17 18:42:12 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.10.17 18:42:12 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.10.17 18:42:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.10.17 18:42:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.10.17 18:42:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.10.17 18:42:12 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.10.17 18:42:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.10.17 18:42:11 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.10.17 18:42:11 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.10.17 18:42:11 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.10.17 18:42:11 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.10.17 18:42:11 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.10.17 18:42:11 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.10.17 18:42:11 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.10.17 18:42:11 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.10.17 18:42:10 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.10.17 18:42:10 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.10.17 18:42:10 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.10.17 18:42:10 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.10.17 18:42:10 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.10.17 18:42:10 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.10.17 18:42:09 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.10.17 18:42:09 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.10.17 18:42:09 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.10.17 18:42:09 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.10.17 18:42:09 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.10.17 18:42:09 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.10.17 18:42:08 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.10.17 18:42:08 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.10.17 18:42:08 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.10.17 18:42:08 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.10.17 18:42:08 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.10.17 18:42:08 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.10.17 18:42:08 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.10.17 18:42:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.10.17 18:42:08 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.10.17 18:42:08 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.10.17 18:42:07 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.10.17 18:42:07 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.10.17 18:42:07 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.10.17 18:42:07 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.10.17 18:42:06 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.10.17 18:42:06 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.10.17 18:42:06 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.10.17 18:42:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.10.17 18:42:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.10.17 18:42:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.10.17 18:42:06 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.10.17 18:42:06 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.10.17 18:42:05 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.10.17 18:42:05 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.10.17 18:42:05 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.10.17 18:42:05 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.10.17 18:42:05 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.10.17 18:42:05 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.10.17 18:42:04 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.10.17 18:42:04 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.10.17 18:42:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.10.17 18:42:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.10.17 18:42:04 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.10.17 18:42:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.10.17 18:42:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.10.17 18:42:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.10.17 18:42:03 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.10.17 18:42:03 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.10.17 18:42:03 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.10.17 18:42:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.10.17 18:42:03 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.10.17 18:42:03 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.10.17 18:42:03 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.10.17 18:42:03 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.10.17 18:42:02 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.10.17 18:42:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.10.17 18:41:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.10.17 18:41:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.10.17 18:41:59 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.10.17 18:41:59 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.10.17 18:41:59 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.10.17 18:41:59 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.10.17 18:41:58 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.10.17 18:41:58 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.10.17 18:41:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.10.17 18:41:58 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.10.17 18:41:57 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.10.17 18:41:57 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.10.17 18:41:57 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.10.17 18:41:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.10.17 18:41:56 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.10.17 18:41:56 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.10.17 18:41:55 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.10.17 18:41:55 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.10.17 18:33:19 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\ParetoLogic
[2013.10.17 18:33:19 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DriverCure
[2013.10.17 18:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013.10.17 17:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2013.10.17 17:35:32 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\Optimizer Pro
[2013.10.17 17:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.10.17 17:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.10.17 17:30:16 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Application Data
[2013.10.17 17:30:06 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Programs
[2013.10.17 17:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013.10.17 17:29:35 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Seznam.cz
[2013.10.17 17:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.10.17 17:26:44 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.10.17 17:26:41 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.10.17 17:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.10.17 17:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.10.16 17:40:25 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\Rocksmith
[2013.10.09 20:20:47 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Dropbox
[2013.10.09 20:18:59 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.10.09 20:17:40 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2013.10.08 19:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.10.08 19:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013.10.08 19:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013.10.08 19:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.10.08 19:39:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.10.08 19:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.10.08 19:31:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.10.08 19:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013.10.08 19:29:26 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Microsoft Help
[2013.10.08 19:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.10.08 19:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.10.08 19:25:42 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013.10.08 19:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.10.08 19:24:12 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.10.08 18:30:56 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.10.08 18:30:56 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.10.08 18:30:56 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.10.08 18:30:38 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.10.08 18:30:38 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.10.08 18:30:38 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.10.08 18:30:19 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.10.08 18:30:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.10.08 17:59:18 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\MIO záloha
[2013.10.07 20:36:52 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.10.07 20:36:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2013.10.07 20:22:06 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\Dokumenty
[2013.10.07 20:11:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.10.07 20:08:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.10.07 20:06:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.10.07 20:06:40 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Google
[2013.10.07 20:06:24 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Deployment
[2013.10.07 20:06:24 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Apps
[2013.10.07 19:51:02 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.10.07 19:51:02 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Searches
[2013.10.07 19:51:02 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.10.07 19:50:50 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Identities
[2013.10.07 19:50:47 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Contacts
[2013.10.07 19:50:45 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\VirtualStore
[2013.10.07 19:50:39 | 000,000,000 | --SD | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Videos
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Saved Games
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Pictures
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Music
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Links
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Favorites
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Downloads
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Documents
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Desktop
[2013.10.07 19:50:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\Temporary Internet Files
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Šablony
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Soubory cookie
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\SendTo
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Poslední
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Okolní tiskárny
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Okolní síť
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Obrázky
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Nabídka Start
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Local Settings
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Hudba
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\History
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Filmy
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Dokumenty
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Data aplikací
[2013.10.07 19:50:39 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\Data aplikací
[2013.10.07 19:50:39 | 000,000,000 | -H-D | C] -- C:\Users\Tomas\AppData
[2013.10.07 19:50:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Temp
[2013.10.07 19:50:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Microsoft
[2013.10.07 19:50:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Media Center Programs
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013.10.07 19:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2013.10.07 19:50:25 | 000,000,000 | ---D | C] -- C:\Recovery
[2013.10.07 19:41:07 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.10.07 19:38:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.10.07 19:38:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.12.13 14:50:38 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012.12.13 14:50:36 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012.08.21 13:01:20 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012.08.21 13:01:20 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.08.30 23:05:32 | 000,212,840 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll
[2011.08.30 23:05:32 | 000,096,104 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe
[2011.08.30 23:05:32 | 000,085,864 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssd.dll
[2011.08.30 23:05:32 | 000,061,288 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\jdns_sd.dll
[2011.08.30 23:05:04 | 000,178,536 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dnssdX.dll
[2011.08.30 23:05:04 | 000,083,816 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dns-sd.exe
[2011.08.30 23:05:04 | 000,073,064 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dnssd.dll
[2011.08.30 23:05:04 | 000,050,536 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\jdns_sd.dll
[2011.02.19 23:03:12 | 004,422,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll
[2011.02.19 23:03:12 | 004,397,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100.dll
[2011.02.19 23:03:12 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2011.02.19 23:03:12 | 000,138,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100.dll
[2011.02.19 23:03:12 | 000,051,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vcomp100.dll
[2011.02.19 22:51:56 | 005,601,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc100u.dll
[2011.02.19 22:51:56 | 005,574,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc100.dll
[2011.02.19 22:51:56 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2011.02.19 22:51:56 | 000,158,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll
[2011.02.19 22:51:56 | 000,093,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm100u.dll
[2011.02.19 22:51:56 | 000,093,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm100.dll
[2011.02.19 22:51:56 | 000,057,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp100.dll
[2011.02.19 00:52:32 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2011.02.19 00:40:50 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2010.03.18 17:23:04 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2010.03.18 16:47:22 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2010.03.18 14:27:14 | 000,827,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2010.03.18 13:16:28 | 000,771,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2010.03.05 10:13:40 | 000,947,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjava.dll
[2009.12.07 01:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009.12.07 01:29:53 | 000,000,000 | ---D | C] -- C:\rsit
[2009.12.07 00:45:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2009.12.06 23:49:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009.12.06 23:49:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009.12.06 23:49:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009.12.06 23:46:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2009.12.06 23:45:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2009.12.06 23:42:56 | 005,220,942 | R--- | C] (Swearware) -- C:\Users\Tomas\Desktop\ComboFix.exe
[2009.12.06 23:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2009.12.06 23:15:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2009.12.06 23:15:10 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys

========== Files - Modified Within 30 Days ==========

[2014.07.14 22:40:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.07.14 21:36:52 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.07.14 21:36:52 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.14 20:29:19 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.07.14 20:26:02 | 000,002,381 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.14 20:24:02 | 000,000,931 | ---- | M] () -- C:\Users\Tomas\Desktop\µTorrent.lnk
[2014.07.13 08:08:48 | 000,061,120 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
[2014.07.09 20:22:00 | 005,004,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.07.08 22:03:02 | 000,001,101 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
[2014.07.08 21:07:56 | 000,001,318 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2014.07.03 20:40:03 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.06.16 21:15:25 | 000,010,532 | ---- | M] () -- C:\Users\Tomas\Desktop\10446470_10203197844981215_8004975766375367488_n.jpg
[2014.06.09 21:13:38 | 000,048,709 | ---- | M] () -- C:\Users\Tomas\Desktop\10405884_332022650283614_132055189_n.jpg
[2014.06.01 15:35:18 | 000,001,049 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.06.01 15:34:26 | 000,001,017 | ---- | M] () -- C:\Users\Tomas\Desktop\Dropbox.lnk
[2014.06.01 15:31:09 | 000,132,712 | ---- | M] () -- C:\Users\Tomas\Desktop\ivet.png
[2014.05.26 19:53:09 | 219,486,996 | ---- | M] () -- C:\Users\Tomas\Desktop\GOPR9013.avi
[2014.05.26 19:16:42 | 000,001,275 | ---- | M] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2014.05.26 19:12:08 | 000,000,965 | ---- | M] () -- C:\Users\Tomas\Desktop\MP4 Converter.lnk
[2014.05.26 18:59:57 | 000,001,256 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo UnInstaller 5.lnk
[2014.05.26 18:59:52 | 000,001,248 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
[2014.05.26 18:59:52 | 000,000,213 | ---- | M] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2014.03.18 21:59:11 | 000,054,619 | ---- | M] () -- C:\Users\Tomas\Desktop\kkk.JPG
[2014.03.16 23:04:18 | 000,675,984 | ---- | M] () -- C:\Users\Tomas\Desktop\stick_warning_finish.tif
[2014.03.16 22:59:13 | 000,000,132 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014.03.11 22:26:48 | 000,149,882 | ---- | M] () -- C:\Users\Tomas\Desktop\ML.JPG
[2014.03.11 21:57:45 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\TurboCAD Professional 20 - x64.lnk
[2014.03.11 21:46:51 | 001,563,104 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.03.11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[2014.01.15 19:00:00 | 000,001,480 | ---- | M] () -- C:\Users\Tomas\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2014.01.09 20:06:38 | 000,194,287 | ---- | M] () -- C:\Users\Tomas\Desktop\Výstřižek.PNG
[2013.12.25 02:36:30 | 000,001,065 | ---- | M] () -- C:\Users\Tomas\Desktop\vanBasco's Karaoke Player.lnk
[2013.12.21 13:59:03 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.12.21 11:33:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.12.18 19:06:34 | 000,130,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mdm.exe
[2013.12.10 21:11:50 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.12.02 21:18:06 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.10.17 19:42:12 | 000,105,808 | ---- | M] (Valve Corporation) -- C:\Windows\SysWow64\steam_api.dll
[2013.10.17 19:01:31 | 000,000,236 | ---- | M] () -- C:\Users\Tomas\Desktop\Search the Web.url
[2013.10.17 19:01:31 | 000,000,230 | ---- | M] () -- C:\Users\Tomas\Desktop\SweetPcFix.url
[2013.10.17 19:00:23 | 000,001,142 | ---- | M] () -- C:\Users\Tomas\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.10.17 17:49:01 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Rocksmith.lnk
[2013.10.17 17:29:19 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013.10.17 17:26:44 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.10.07 21:09:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.10.07 20:15:32 | 000,000,119 | ---- | M] () -- C:\Users\Tomas\Desktop\R1.m3u
[2013.10.07 19:42:18 | 000,068,220 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.10.07 19:42:18 | 000,068,220 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.10.07 19:40:55 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.10.07 19:40:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.10.07 19:03:18 | 000,056,450 | ---- | M] () -- C:\Users\Tomas\Desktop\zalozky.html
[2013.10.07 19:02:52 | 000,063,117 | ---- | M] () -- C:\Users\Tomas\Desktop\zalozky.adr
[2012.12.13 14:50:38 | 006,112,864 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012.10.28 19:48:09 | 010,275,840 | ---- | M] () -- C:\Users\Tomas\Desktop\Rocksmith_.exe
[2012.08.21 13:01:20 | 000,125,872 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.06.02 23:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.02 23:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 23:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.02 23:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.02 23:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.02 14:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.02 14:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.01.20 13:14:30 | 000,018,816 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2011.08.30 23:05:32 | 000,212,840 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll
[2011.08.30 23:05:32 | 000,096,104 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe
[2011.08.30 23:05:32 | 000,085,864 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dnssd.dll
[2011.08.30 23:05:32 | 000,061,288 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\jdns_sd.dll
[2011.08.30 23:05:04 | 000,178,536 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dnssdX.dll
[2011.08.30 23:05:04 | 000,083,816 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dns-sd.exe
[2011.08.30 23:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dnssd.dll
[2011.08.30 23:05:04 | 000,050,536 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\jdns_sd.dll
[2011.06.26 07:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011.02.19 23:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100u.dll
[2011.02.19 23:03:12 | 004,397,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc100.dll
[2011.02.19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2011.02.19 23:03:12 | 000,138,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\atl100.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100u.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcm100.dll
[2011.02.19 23:03:12 | 000,051,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vcomp100.dll
[2011.02.19 22:51:56 | 005,601,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc100u.dll
[2011.02.19 22:51:56 | 005,574,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc100.dll
[2011.02.19 22:51:56 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2011.02.19 22:51:56 | 000,158,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl100.dll
[2011.02.19 22:51:56 | 000,093,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm100u.dll
[2011.02.19 22:51:56 | 000,093,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm100.dll
[2011.02.19 22:51:56 | 000,057,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp100.dll
[2011.02.19 00:52:32 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2011.02.19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2010.11.07 18:20:24 | 000,208,896 | ---- | M] () -- C:\Windows\MBR.exe
[2010.06.02 03:55:30 | 000,527,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.06.02 03:55:30 | 000,518,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.06.02 03:55:30 | 000,239,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.06.02 03:55:30 | 000,176,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.06.02 03:55:30 | 000,077,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.06.02 03:55:30 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.05.26 10:41:02 | 002,526,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.05.26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.05.26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.05.26 10:41:02 | 001,907,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.05.26 10:41:02 | 001,868,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.05.26 10:41:02 | 000,511,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.05.26 10:41:02 | 000,470,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.05.26 10:41:02 | 000,276,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.05.26 10:41:02 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.05.26 10:41:00 | 002,401,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.04.09 12:06:09 | 000,374,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010.03.18 17:23:04 | 000,020,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2010.03.18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2010.03.18 14:27:14 | 000,827,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2010.03.18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2010.03.05 10:13:40 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msjava.dll
[2010.02.04 09:01:14 | 000,530,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.02.04 09:01:14 | 000,528,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.02.04 09:01:14 | 000,238,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.02.04 09:01:14 | 000,176,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.02.04 09:01:14 | 000,078,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.02.04 09:01:14 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.02.04 09:01:14 | 000,024,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.02.04 09:01:14 | 000,022,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2009.12.07 02:23:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2009.12.07 01:55:17 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.12.07 01:55:17 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.12.07 01:32:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2009.12.07 00:49:59 | 001,583,754 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.12.07 00:49:59 | 000,669,198 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.12.07 00:49:59 | 000,654,552 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.12.07 00:49:59 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.12.07 00:49:59 | 000,121,424 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.12.07 00:44:56 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2009.12.07 00:44:48 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.07 00:44:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2009.12.07 00:44:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.12.07 00:44:12 | 2213,896,192 | -HS- | M] () -- C:\hiberfil.sys
[2009.12.06 23:43:48 | 005,220,942 | R--- | M] (Swearware) -- C:\Users\Tomas\Desktop\ComboFix.exe
[2009.12.06 23:16:00 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2009.11.25 12:47:34 | 001,130,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009.11.25 12:47:34 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009.11.25 12:47:34 | 000,109,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009.11.25 12:47:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009.11.25 12:47:34 | 000,049,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2009.11.25 12:47:34 | 000,048,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2009.11.25 12:47:32 | 001,942,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2009.11.25 12:47:32 | 000,320,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe

Re: Virus in WIN7?

Posted: 15 Jul 2014 21:24
by 7omino
========== Files Created - No Company Name ==========

[2014.07.14 21:36:55 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.07.14 20:24:03 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.07.14 20:24:02 | 000,000,931 | ---- | C] () -- C:\Users\Tomas\Desktop\µTorrent.lnk
[2014.07.14 20:23:59 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.07.08 22:00:28 | 000,001,101 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
[2014.07.08 21:07:56 | 000,001,318 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2014.06.16 21:15:15 | 000,010,532 | ---- | C] () -- C:\Users\Tomas\Desktop\10446470_10203197844981215_8004975766375367488_n.jpg
[2014.06.09 21:13:35 | 000,048,709 | ---- | C] () -- C:\Users\Tomas\Desktop\10405884_332022650283614_132055189_n.jpg
[2014.06.01 15:35:18 | 000,001,049 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.06.01 15:31:06 | 000,132,712 | ---- | C] () -- C:\Users\Tomas\Desktop\ivet.png
[2014.05.26 19:21:53 | 219,486,996 | ---- | C] () -- C:\Users\Tomas\Desktop\GOPR9013.avi
[2014.05.26 19:16:42 | 000,001,275 | ---- | C] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2014.05.26 19:12:08 | 000,000,965 | ---- | C] () -- C:\Users\Tomas\Desktop\MP4 Converter.lnk
[2014.05.26 18:59:57 | 000,001,256 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo UnInstaller 5.lnk
[2014.05.26 18:59:52 | 000,001,248 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
[2014.05.26 18:59:52 | 000,000,213 | ---- | C] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2014.05.26 18:49:54 | 252,935,197 | ---- | C] () -- C:\Users\Tomas\Desktop\GOPR9013.MP4
[2014.05.07 21:23:47 | 000,002,202 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2014.04.09 20:26:20 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014.04.09 20:26:20 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.03.18 21:59:10 | 000,054,619 | ---- | C] () -- C:\Users\Tomas\Desktop\kkk.JPG
[2014.03.16 23:04:49 | 000,675,984 | ---- | C] () -- C:\Users\Tomas\Desktop\stick_warning_finish.tif
[2014.03.16 22:59:13 | 000,000,132 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2014.03.11 22:26:47 | 000,149,882 | ---- | C] () -- C:\Users\Tomas\Desktop\ML.JPG
[2014.03.11 21:57:45 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\TurboCAD Professional 20 - x64.lnk
[2014.01.26 17:10:27 | 001,563,104 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.01.15 19:00:00 | 000,001,480 | ---- | C] () -- C:\Users\Tomas\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2014.01.09 20:06:38 | 000,194,287 | ---- | C] () -- C:\Users\Tomas\Desktop\Výstřižek.PNG
[2013.12.25 02:36:30 | 000,001,065 | ---- | C] () -- C:\Users\Tomas\Desktop\vanBasco's Karaoke Player.lnk
[2013.12.21 13:59:03 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.12.21 13:56:55 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.12.21 11:33:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.12.10 21:11:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.12.10 21:11:50 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.12.02 21:18:06 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.11.19 19:41:55 | 000,001,232 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2013.11.19 19:40:13 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2013.11.19 19:39:51 | 000,001,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2013.11.19 19:36:32 | 000,001,357 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2013.11.19 19:36:23 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2013.11.19 19:35:54 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013.10.17 19:01:31 | 000,000,236 | ---- | C] () -- C:\Users\Tomas\Desktop\Search the Web.url
[2013.10.17 19:01:31 | 000,000,230 | ---- | C] () -- C:\Users\Tomas\Desktop\SweetPcFix.url
[2013.10.17 19:00:23 | 000,001,142 | ---- | C] () -- C:\Users\Tomas\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2013.10.17 17:49:01 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Rocksmith.lnk
[2013.10.17 17:48:59 | 010,275,840 | ---- | C] () -- C:\Users\Tomas\Desktop\Rocksmith_.exe
[2013.10.17 17:29:19 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013.10.09 20:20:47 | 000,001,017 | ---- | C] () -- C:\Users\Tomas\Desktop\Dropbox.lnk
[2013.10.07 21:09:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.10.07 20:15:27 | 000,000,119 | ---- | C] () -- C:\Users\Tomas\Desktop\R1.m3u
[2013.10.07 20:08:01 | 000,002,381 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.10.07 20:06:55 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.07 20:06:51 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.07 19:52:05 | 000,001,623 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.10.07 19:51:59 | 000,001,645 | ---- | C] () -- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.10.07 19:42:06 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.10.07 19:41:58 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.10.07 19:40:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.10.07 19:40:55 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.10.07 19:38:01 | 2213,896,192 | -HS- | C] () -- C:\hiberfil.sys
[2013.10.07 19:03:16 | 000,056,450 | ---- | C] () -- C:\Users\Tomas\Desktop\zalozky.html
[2013.10.07 19:02:50 | 000,063,117 | ---- | C] () -- C:\Users\Tomas\Desktop\zalozky.adr
[2009.12.07 02:23:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2009.12.06 23:49:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2009.12.06 23:49:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2009.12.06 23:49:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009.12.06 23:49:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009.12.06 23:49:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009.12.06 23:16:00 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2009.12.06 23:15:48 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.17 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.10.17 18:33:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DriverCure
[2014.07.10 22:04:31 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2014.07.10 22:04:07 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DropboxMaster
[2014.03.11 21:55:22 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IMSIDesign
[2013.10.17 18:33:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ParetoLogic
[2009.12.07 00:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Seznam.cz
[2014.06.01 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\systweak
[2014.05.06 21:27:13 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TeamViewer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,008,650 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.10.07 20:06:51 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.07 20:06:55 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.07.14 20:23:59 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.07.14 20:24:03 | 000,000,890 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.07.14 21:36:55 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\erdnt\cache86\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\erdnt\cache86\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\erdnt\cache64\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\erdnt\cache64\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.15 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2013.12.21 14:01:29 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Apple Computer
[2013.10.17 17:30:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2013.10.17 18:33:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DriverCure
[2014.07.10 22:04:31 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Dropbox
[2014.07.10 22:04:07 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DropboxMaster
[2014.05.07 06:27:41 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\dvdcss
[2013.10.07 19:50:50 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Identities
[2014.03.11 21:55:22 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\IMSIDesign
[2013.11.19 19:30:38 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Media Center Programs
[2014.07.08 22:00:17 | 000,000,000 | --SD | M] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2013.10.17 18:33:19 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ParetoLogic
[2009.12.07 00:50:49 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Seznam.cz
[2014.06.01 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\systweak
[2014.05.06 21:27:13 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TeamViewer
[2014.05.07 06:29:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2014.05.20 01:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.05.20 01:47:16 | 000,244,368 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.05.20 01:45:26 | 000,143,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Tomas\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2009.12.07 02:32:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2009.12.07 00:44:47 | 000,000,886 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.07.14 20:29:19 | 000,000,890 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2009.12.07 00:44:48 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.07.14 22:40:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.03.18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aspnet_counters.dll
[2011.02.19 23:03:12 | 000,138,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\atl100.dll
[2010.05.26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\D3DCompiler_43.dll
[2010.05.26 10:41:02 | 001,868,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dcsx_43.dll
[2010.05.26 10:41:02 | 000,470,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dx10_43.dll
[2010.05.26 10:41:02 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dx11_43.dll
[2010.05.26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\D3DX9_43.dll
[2011.08.30 23:05:04 | 000,083,816 | ---- | M] (Apple Inc.) -- C:\Windows\system32\dns-sd.exe
[2011.08.30 23:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\system32\dnssd.dll
[2011.08.30 23:05:04 | 000,178,536 | ---- | M] (Apple Inc.) -- C:\Windows\system32\dnssdX.dll
[2014.07.14 21:36:52 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.07.14 21:36:52 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.08.21 13:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll
[2011.08.30 23:05:04 | 000,050,536 | ---- | M] (Apple Inc.) -- C:\Windows\system32\jdns_sd.dll
[2013.10.07 19:42:18 | 000,068,220 | ---- | M] () -- C:\Windows\system32\license.rtf
[2011.02.19 23:03:12 | 004,397,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc100.dll
[2011.02.19 23:03:12 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc100u.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm100.dll
[2011.02.19 23:03:12 | 000,081,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm100u.dll
[2010.03.05 10:13:40 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjava.dll
[2011.02.19 23:03:12 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp100.dll
[2011.02.19 00:40:50 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100.dll
[2010.03.18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100_clr0400.dll
[2014.03.11 21:46:51 | 001,563,104 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.10.17 19:42:12 | 000,105,808 | ---- | M] (Valve Corporation) -- C:\Windows\system32\steam_api.dll
[2011.02.19 23:03:12 | 000,051,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vcomp100.dll
[2010.02.04 09:01:14 | 000,022,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\X3DAudio1_7.dll
[2010.02.04 09:01:14 | 000,238,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xactengine3_6.dll
[2010.06.02 03:55:30 | 000,239,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xactengine3_7.dll
[2010.02.04 09:01:14 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XAPOFX1_4.dll
[2010.06.02 03:55:30 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XAPOFX1_5.dll
[2010.02.04 09:01:14 | 000,528,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XAudio2_6.dll
[2010.06.02 03:55:30 | 000,527,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XAudio2_7.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.07.03 14:16:46 | 003,673,184 | ---- | M] (Disc Soft Ltd)
"Sidebar" = C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
"cz.seznam.software.autoupdate" = "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 14:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 09:10:22 | 000,092,664 | ---- | M] ()
"Akamai NetSession Interface" = "C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe" -- [2014.04.17 20:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.)
"SkyDrive" = "C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background -- [2014.07.02 20:29:11 | 000,251,048 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 02:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.06.05 14:58:39 | 000,860,488 | ---- | M] (Google Inc.) MD5=A5FCD42334CCC682DA1882A54338686C -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2009.12.07 02:23:22 | 000,000,512 | ---- | M] () MD5=51BA562569EA97B8062CD0EF877967FD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.10.17 18:59:37 | 001,121,882 | ---- | M] () -- \Users\Tomas\Downloads\rocksmith-crack-only-tinyiso.exe

< *keygen* /s >

< *loader* /s >
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.09.13 19:51:30 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.06.26 23:52:54 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.06.26 23:52:54 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.06.26 08:46:50 | 000,009,418 | ---- | M] () -- \Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\img\gifloader.gif
[2013.10.17 17:29:18 | 000,057,728 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2013.10.17 17:29:18 | 000,057,728 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2013.10.17 17:29:18 | 000,057,728 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013.10.17 17:29:18 | 000,057,728 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2013.10.17 17:29:18 | 000,057,728 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2013.10.17 17:29:18 | 000,061,770 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2013.10.17 17:29:19 | 000,061,770 | ---- | M] () -- \Users\Tomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Seznam.cz\bin\16110libfoxloader-x64.dll
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Seznam.cz\bin\16110libfoxloader.dll
[2013.10.17 17:29:54 | 000,000,165 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\Tomas\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.08.24 17:45:14 | 000,061,952 | ---- | M] () -- \Users\Tomas\Downloads\Rocksmith-2014-Cracked (1)\Rocksmith2014\uplay_r1_loader.dll
[2013.10.08 19:43:42 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.07.14 20:23:48 | 000,040,400 | ---- | M] () -- \Windows\Prefetch\TORNTV DOWNLOADER.EXE-F89BD567.pf
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 03:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 03:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009.07.14 03:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009.07.14 03:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009.07.14 03:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\ProgramData\TEMP:BC039AC3
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

Re: Virus in WIN7?

Posted: 15 Jul 2014 22:01
by Rudy
Run OTL again as administrator.
Paste the following text into the lower window:
:OTL
PRC - [2014.04.17 20:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Tomas\AppData\Local\Akamai\netsession_win.exe
SRV - [2014.07.09 16:03:58 | 003,572,240 | ---- | M] (Aztec Media Inc) [Disabled | Stopped] -- C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe -- (SystemkService)
E:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... SX2QEK8&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... SX2QEK8&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... SX2QEK8&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... SX2QEK8&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 26186DD50F}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... XX5SX2QEK8
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{1ABBEACB-8F39-4CBE-9B1A-90089473191A}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{30AB3D52-7DD7-4B9C-90BD-F6CA3A0B1811}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13415
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type ... SX2QEK8&q={searchTerms}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}: "URL" = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
IE - HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 26186DD50F}
CHR - Extension: SweetIM for Facebook = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SupTab\SearchProtect64.dll) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (Skytech Co., Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SearchProtect32.dll) - C:\Program Files (x86)\SupTab\SearchProtect32.dll (Skytech Co., Ltd.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 170 bytes -> C:\ProgramData\TEMP:BC039AC3
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

:files
C:\Users\Tomas\AppData\Local\Akamai
C:\Program Files (x86)\SweetIM
C:\Windows\SysNative\roboot64.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
C:\Users\Tomas\Desktop\SweetPcFix.url
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
Click Fix ("Opravit") and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: Virus in WIN7?

Posted: 16 Jul 2014 05:55
by 7omino
Here is the log. FYI, so far nothing seems to have changed in terms of functionality.

All processes killed
========== OTL ==========
No active process named netsession_win.exe was found!
Service SystemkService stopped successfully!
Service SystemkService deleted successfully!
C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-1819978469-3826792217-4274378430-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1ABBEACB-8F39-4CBE-9B1A-90089473191A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ABBEACB-8F39-4CBE-9B1A-90089473191A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{30AB3D52-7DD7-4B9C-90BD-F6CA3A0B1811}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30AB3D52-7DD7-4B9C-90BD-F6CA3A0B1811}\ not found.
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}\ not found.
Registry key HKEY_USERS\S-1-5-21-1819978469-3826792217-4274378430-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0 folder moved successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0 folder moved successfully.
File C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0 not found.
File C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
C:\Program Files (x86)\SupTab\SupTab.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\ deleted successfully.
C:\Program Files (x86)\Linkey\IEExtension\iedll.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator deleted successfully.
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully.
File Protocol\Handler\osf - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SupTab\SearchProtect64.dll deleted successfully.
C:\Program Files (x86)\SupTab\SearchProtect64.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SupTab\SearchProtect32.dll deleted successfully.
C:\Program Files (x86)\SupTab\SearchProtect32.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:BC039AC3 deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
========== FILES ==========
C:\Users\Tomas\AppData\Local\Akamai\Logs\dump folder moved successfully.
C:\Users\Tomas\AppData\Local\Akamai\Logs folder moved successfully.
C:\Users\Tomas\AppData\Local\Akamai\Languages folder moved successfully.
C:\Users\Tomas\AppData\Local\Akamai\Cache folder moved successfully.
C:\Users\Tomas\AppData\Local\Akamai folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars folder moved successfully.
C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite folder moved successfully.
C:\Program Files (x86)\SweetIM\Communicator\resources folder moved successfully.
C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\SweetIM\Communicator folder moved successfully.
C:\Program Files (x86)\SweetIM folder moved successfully.
C:\Windows\SysNative\roboot64.exe moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job moved successfully.
C:\Users\Tomas\Desktop\SweetPcFix.url moved successfully.
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tomas
->Temp folder emptied: 1067557 bytes
->Temporary Internet Files folder emptied: 5107081 bytes
->Google Chrome cache emptied: 139936637 bytes
->Flash cache emptied: 660 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 135091 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 140,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Tomas
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 12072009_111517

Files\Folders moved on Reboot...
C:\Users\Tomas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_c2ruidll(20091207004438700).log not found!
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(20091207004441700).log not found!
C:\Windows\temp\TOMAS-NB-20091207-0044.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Virus in WIN7?

Posted: 16 Jul 2014 08:21
by Rudy
OK. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes ("Ano") button.

Feel free to go make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the antispyware's resident component.

Re: Virus in WIN7?

Posted: 16 Jul 2014 17:46
by 7omino

ComboFix 14-07-15.04 - Tomas 07.12.2009  14:18:03.2.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.2815.1528 [GMT 1:00]
Spuštěný z: c:\users\Tomas\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2009-11-07 do 2009-12-07  )))))))))))))))))))))))))))))))
.
.
2014-07-14 20:36 . 2014-07-14 20:36	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-14 20:36 . 2014-07-14 20:36	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-14 20:36 . 2014-07-14 20:36	--------	d-----w-	c:\windows\system32\Macromed
2014-07-14 20:30 . 2014-07-13 07:08	61120	----a-w-	c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-07-14 19:27 . 2014-07-14 19:27	--------	d-----w-	c:\programdata\IePluginServices
2014-07-14 19:27 . 2009-12-07 10:15	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-14 19:26 . 2014-07-14 19:26	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-07-14 19:23 . 2009-12-07 10:18	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-07-10 19:22 . 2009-12-06 23:45	--------	d-----w-	c:\programdata\systemk
2014-07-08 20:16 . 2014-07-08 20:20	--------	d-----w-	c:\programdata\regid.1991-06.com.microsoft
2014-07-08 20:15 . 2014-07-08 20:15	589008	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-08 20:12 . 2014-07-08 20:12	--------	d-----w-	c:\program files\Microsoft Office 15
2014-07-03 22:17 . 2014-07-03 22:17	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{809A2788-4957-4D2B-8092-6DF8BD880123}\offreg.dll
2014-07-02 19:35 . 2014-07-02 19:35	--------	d-----w-	C:\OneDriveTemp
2014-05-26 18:17 . 2014-05-26 18:17	--------	d-----w-	c:\program files (x86)\Linkey
2014-05-26 18:17 . 2014-05-26 18:17	--------	d-----w-	c:\program files (x86)\Settings Manager
2014-05-26 18:16 . 2014-05-26 18:16	--------	d-----w-	c:\program files (x86)\pazera-software
2014-05-26 18:12 . 2014-05-26 18:13	--------	d-----w-	c:\program files (x86)\MP4 Converter
2014-05-26 17:59 . 2014-05-26 17:59	--------	d-----w-	c:\programdata\Ashampoo
2014-05-26 17:58 . 2014-05-26 17:58	--------	d-----w-	c:\program files (x86)\Ashampoo
2014-05-07 20:23 . 2014-05-07 20:23	--------	d-----w-	c:\program files (x86)\Microsoft OneDrive
2014-05-07 20:23 . 2014-05-07 20:23	--------	d-----w-	c:\programdata\Microsoft OneDrive
2014-05-01 16:13 . 2014-05-01 16:13	--------	d-----w-	c:\programdata\Orbit
2014-04-09 19:26 . 2014-04-09 19:26	--------	d-----w-	c:\program files (x86)\TeamViewer
2014-03-11 20:55 . 2014-03-11 21:05	--------	d-----w-	c:\programdata\IMSIDesign
2014-03-11 20:55 . 2014-03-11 20:55	--------	d-----w-	c:\program files\IMSIDesign
2014-03-11 20:41 . 2009-11-25 11:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2014-03-11 20:41 . 2009-11-25 11:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2014-03-11 20:41 . 2009-11-25 11:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2014-03-11 20:41 . 2009-11-25 11:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2014-03-11 20:41 . 2009-11-25 11:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2014-03-11 20:41 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-03-11 20:41 . 2009-11-25 11:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2014-03-11 20:41 . 2009-11-25 11:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2014-03-11 20:41 . 2009-11-25 11:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2014-03-11 20:41 . 2009-11-25 11:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2014-03-11 20:37 . 2014-03-11 20:39	--------	d-----w-	c:\program files (x86)\TurboCAD 20 Professional 64-bit Setup
2014-03-11 08:52 . 2014-03-11 08:52	133928	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-01-25 00:19 . 2014-01-25 00:19	268512	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-12-25 01:36 . 2013-12-25 02:11	--------	d-----w-	c:\program files (x86)\vanBasco's Karaoke Player
2013-12-21 12:58 . 2013-12-21 12:58	--------	dc----w-	c:\windows\system32\DRVSTORE
2013-12-21 12:58 . 2012-08-21 12:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files\iPod
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files\iTunes
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files (x86)\iTunes
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\programdata\Apple Computer
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files (x86)\Apple Software Update
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files\Common Files\Apple
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files\Bonjour
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files (x86)\Bonjour
2013-12-21 12:55 . 2013-12-21 12:58	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2013-12-21 12:55 . 2013-12-21 12:56	--------	d-----w-	c:\programdata\Apple
2013-12-18 18:06 . 2013-12-18 18:06	130704	----a-w-	c:\windows\system32\mdm.exe
2013-12-02 20:21 . 2013-12-02 20:21	--------	d-----w-	c:\windows\system32\appmgmt
2013-12-02 20:17 . 2013-12-02 20:17	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-11-19 18:51 . 2014-01-26 13:33	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-11-19 18:41 . 2013-11-19 18:41	--------	d-----w-	c:\program files\Adobe
2013-11-19 18:40 . 2013-11-19 18:41	--------	d-----w-	c:\program files\Common Files\Adobe
2013-11-19 18:38 . 2013-11-19 18:38	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2013-11-19 18:36 . 2013-11-19 18:36	--------	d-----w-	c:\windows\SysWow64\Macromed
2013-11-19 18:35 . 2013-11-19 18:35	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2013-11-19 18:31 . 2013-12-10 20:11	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2013-11-19 18:28 . 2013-11-19 18:28	--------	d-----w-	c:\program files (x86)\7-Zip
2013-10-17 18:42 . 2013-10-17 18:42	105808	----a-w-	c:\windows\SysWow64\steam_api.dll
2013-10-17 18:41 . 2013-10-17 18:41	--------	d-----w-	c:\programdata\Logs
2013-10-17 18:01 . 2013-12-02 20:21	--------	d-----w-	c:\programdata\SweetIM
2013-10-17 18:01 . 2013-10-17 18:01	--------	d-----w-	c:\program files (x86)\Rocksmith Crack Only-TiNYiSO
2013-10-17 18:00 . 2013-10-17 18:00	--------	d-----w-	c:\program files (x86)\ASIO4ALL v2
2013-10-17 17:41 . 2006-03-31 10:41	3927248	----a-w-	c:\windows\system32\d3dx9_30.dll
2013-10-17 17:33 . 2014-06-01 12:45	--------	d-----w-	c:\programdata\ParetoLogic
2013-10-17 16:30 . 2013-10-17 16:30	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-10-17 16:29 . 2013-10-17 16:29	--------	d-----w-	c:\program files (x86)\Seznam.cz
2013-10-17 16:26 . 2013-10-17 16:26	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-10-17 16:26 . 2013-10-17 16:26	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2013-10-17 16:23 . 2013-10-17 16:30	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2013-10-08 18:43 . 2013-10-08 18:43	--------	d-----w-	c:\program files (x86)\Microsoft Works
2013-10-08 18:39 . 2013-10-08 18:39	--------	d-----w-	c:\windows\PCHEALTH
2013-10-08 18:39 . 2014-03-11 20:42	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-10-08 18:31 . 2013-10-08 18:31	--------	d-----w-	c:\program files\Microsoft Office
2013-10-08 18:31 . 2013-10-08 18:31	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-10-08 18:29 . 2013-10-08 18:50	--------	d-----w-	c:\programdata\Microsoft Help
2013-10-08 18:25 . 2013-10-08 18:25	--------	d-----r-	C:\MSOCache
2013-10-08 18:24 . 2013-10-08 18:24	--------	d-----w-	c:\program files\7-Zip
2013-10-08 17:30 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2013-10-08 17:30 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2013-10-08 17:30 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2013-10-08 17:30 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2013-10-08 17:30 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2013-10-08 17:30 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2013-10-08 17:30 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2013-10-08 17:30 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2013-10-08 17:30 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2013-10-07 19:36 . 2013-10-07 18:50	--------	d-----w-	c:\windows\Panther
2013-10-07 19:36 . 2013-10-07 19:36	--------	d-----w-	c:\windows\system32\oem
2013-10-07 19:11 . 2009-12-07 10:18	--------	d-sh--w-	c:\windows\Installer
2013-10-07 19:06 . 2013-10-07 19:07	--------	d-----w-	c:\program files (x86)\Google
2013-10-07 19:06 . 2014-01-20 04:00	270496	------w-	c:\windows\system32\MpSigStub.exe
2013-10-07 19:06 . 2013-09-15 22:50	9694160	------w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{809A2788-4957-4D2B-8092-6DF8BD880123}\mpengine.dll
2013-10-07 18:40 . 2013-10-07 18:40	0	----a-w-	c:\windows\ativpsrm.bin
2012-12-13 13:50 . 2012-12-13 13:50	6112864	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-12-13 13:50 . 2012-12-13 13:50	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2012-08-21 12:01 . 2012-08-21 12:01	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 12:01 . 2012-08-21 12:01	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2011-08-30 22:05 . 2011-08-30 22:05	96104	----a-w-	c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05	85864	----a-w-	c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05	61288	----a-w-	c:\windows\system32\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05	212840	----a-w-	c:\windows\system32\dnssdX.dll
2011-08-30 22:05 . 2011-08-30 22:05	83816	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05	73064	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05	50536	----a-w-	c:\windows\SysWow64\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05	178536	----a-w-	c:\windows\SysWow64\dnssdX.dll
2011-02-19 22:03 . 2011-02-19 22:03	81744	----a-w-	c:\windows\SysWow64\mfcm100u.dll
2011-02-19 22:03 . 2011-02-19 22:03	81744	----a-w-	c:\windows\SysWow64\mfcm100.dll
2011-02-19 22:03 . 2011-02-19 22:03	51024	----a-w-	c:\windows\SysWow64\vcomp100.dll
2011-02-19 22:03 . 2011-02-19 22:03	4422992	----a-w-	c:\windows\SysWow64\mfc100u.dll
2011-02-19 22:03 . 2011-02-19 22:03	4397384	----a-w-	c:\windows\SysWow64\mfc100.dll
2011-02-19 22:03 . 2011-02-19 22:03	421200	----a-w-	c:\windows\SysWow64\msvcp100.dll
2011-02-19 22:03 . 2011-02-19 22:03	138056	----a-w-	c:\windows\SysWow64\atl100.dll
2011-02-19 21:51 . 2011-02-19 21:51	93008	----a-w-	c:\windows\system32\mfcm100u.dll
2011-02-19 21:51 . 2011-02-19 21:51	93008	----a-w-	c:\windows\system32\mfcm100.dll
2011-02-19 21:51 . 2011-02-19 21:51	608080	----a-w-	c:\windows\system32\msvcp100.dll
2011-02-19 21:51 . 2011-02-19 21:51	57168	----a-w-	c:\windows\system32\vcomp100.dll
2011-02-19 21:51 . 2011-02-19 21:51	5601616	----a-w-	c:\windows\system32\mfc100u.dll
2011-02-19 21:51 . 2011-02-19 21:51	5574472	----a-w-	c:\windows\system32\mfc100.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"cz.seznam.software.autoupdate"="c:\users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"SkyDrive"="c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-07-02 251048]
"RESTART_STICKY_NOTES"="c:\windows\system32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
Odeslat do OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-7-8 195248]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg;c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [x]
S1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys;c:\windows\SYSNATIVE\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-16 19:36	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2009-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14 20:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
mDefault_Search_URL = 
mDefault_Page_URL = 
mStart Page = 
mLocal Page = 
mSearch Page = 
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Tomas\AppData\Local\Akamai\netsession_win.exe
AddRemove-Akamai - c:\users\Tomas\AppData\Local\Akamai\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A9119622]
"ImagePath"="\??\c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2009-12-07  14:28:48
ComboFix-quarantined-files.txt  2009-12-07 13:28
ComboFix2.txt  2009-12-06 23:51
.
Před spuštěním: Volných bajtů: 10 921 615 360
Po spuštění: Volných bajtů: 10 919 190 528
.
- - End Of File - - 5D9FD2869BE914F75E5B20ABA151E1AA
A36C5E4F47E84449FF07ED3517B43A31

Re: Virus in WIN7?

Posted: 16 Jul 2014 18:46
by Rudy
Open Notepad and copy the following into it:
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Virus in WIN7?

Posted: 16 Jul 2014 19:16
by 7omino
Thanks, the new log is here:


ComboFix 14-07-16.02 - Tomas 08.12.2009   0:23.3.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.2815.894 [GMT 1:00]
Spuštěný z: c:\users\Tomas\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tomas\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2009-11-07 do 2009-12-07  )))))))))))))))))))))))))))))))
.
.
2014-07-14 20:36 . 2014-07-14 20:36	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-14 20:36 . 2014-07-14 20:36	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-14 20:36 . 2014-07-14 20:36	--------	d-----w-	c:\windows\system32\Macromed
2014-07-14 20:30 . 2014-07-13 07:08	61120	----a-w-	c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-07-14 19:27 . 2014-07-14 19:27	--------	d-----w-	c:\programdata\IePluginServices
2014-07-14 19:27 . 2009-12-07 10:15	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-14 19:26 . 2014-07-14 19:26	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-07-14 19:23 . 2009-12-07 10:18	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-07-10 19:22 . 2009-12-06 23:45	--------	d-----w-	c:\programdata\systemk
2014-07-08 20:16 . 2014-07-08 20:20	--------	d-----w-	c:\programdata\regid.1991-06.com.microsoft
2014-07-08 20:15 . 2014-07-08 20:15	589008	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-08 20:12 . 2014-07-08 20:12	--------	d-----w-	c:\program files\Microsoft Office 15
2014-07-03 22:17 . 2014-07-03 22:17	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{809A2788-4957-4D2B-8092-6DF8BD880123}\offreg.dll
2014-07-02 19:35 . 2014-07-02 19:35	--------	d-----w-	C:\OneDriveTemp
2014-05-26 18:17 . 2014-05-26 18:17	--------	d-----w-	c:\program files (x86)\Linkey
2014-05-26 18:17 . 2014-05-26 18:17	--------	d-----w-	c:\program files (x86)\Settings Manager
2014-05-26 18:16 . 2014-05-26 18:16	--------	d-----w-	c:\program files (x86)\pazera-software
2014-05-26 18:12 . 2014-05-26 18:13	--------	d-----w-	c:\program files (x86)\MP4 Converter
2014-05-26 17:59 . 2014-05-26 17:59	--------	d-----w-	c:\programdata\Ashampoo
2014-05-26 17:58 . 2014-05-26 17:58	--------	d-----w-	c:\program files (x86)\Ashampoo
2014-05-07 20:23 . 2014-05-07 20:23	--------	d-----w-	c:\program files (x86)\Microsoft OneDrive
2014-05-07 20:23 . 2014-05-07 20:23	--------	d-----w-	c:\programdata\Microsoft OneDrive
2014-05-01 16:13 . 2014-05-01 16:13	--------	d-----w-	c:\programdata\Orbit
2014-04-09 19:26 . 2014-04-09 19:26	--------	d-----w-	c:\program files (x86)\TeamViewer
2014-03-11 20:55 . 2014-03-11 21:05	--------	d-----w-	c:\programdata\IMSIDesign
2014-03-11 20:55 . 2014-03-11 20:55	--------	d-----w-	c:\program files\IMSIDesign
2014-03-11 20:41 . 2009-11-25 11:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2014-03-11 20:41 . 2009-11-25 11:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2014-03-11 20:41 . 2009-11-25 11:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2014-03-11 20:41 . 2009-11-25 11:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2014-03-11 20:41 . 2009-11-25 11:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2014-03-11 20:41 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-03-11 20:41 . 2009-11-25 11:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2014-03-11 20:41 . 2009-11-25 11:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2014-03-11 20:41 . 2009-11-25 11:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2014-03-11 20:41 . 2009-11-25 11:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2014-03-11 20:37 . 2014-03-11 20:39	--------	d-----w-	c:\program files (x86)\TurboCAD 20 Professional 64-bit Setup
2014-03-11 08:52 . 2014-03-11 08:52	133928	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-01-25 00:19 . 2014-01-25 00:19	268512	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-12-25 01:36 . 2013-12-25 02:11	--------	d-----w-	c:\program files (x86)\vanBasco's Karaoke Player
2013-12-21 12:58 . 2013-12-21 12:58	--------	dc----w-	c:\windows\system32\DRVSTORE
2013-12-21 12:58 . 2012-08-21 12:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files\iPod
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files\iTunes
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\program files (x86)\iTunes
2013-12-21 12:58 . 2013-12-21 12:58	--------	d-----w-	c:\programdata\Apple Computer
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files (x86)\Apple Software Update
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files\Common Files\Apple
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files\Bonjour
2013-12-21 12:56 . 2013-12-21 12:56	--------	d-----w-	c:\program files (x86)\Bonjour
2013-12-21 12:55 . 2013-12-21 12:58	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2013-12-21 12:55 . 2013-12-21 12:56	--------	d-----w-	c:\programdata\Apple
2013-12-18 18:06 . 2013-12-18 18:06	130704	----a-w-	c:\windows\system32\mdm.exe
2013-12-02 20:21 . 2013-12-02 20:21	--------	d-----w-	c:\windows\system32\appmgmt
2013-12-02 20:17 . 2013-12-02 20:17	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-11-19 18:51 . 2014-01-26 13:33	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-11-19 18:41 . 2013-11-19 18:41	--------	d-----w-	c:\program files\Adobe
2013-11-19 18:40 . 2013-11-19 18:41	--------	d-----w-	c:\program files\Common Files\Adobe
2013-11-19 18:38 . 2013-11-19 18:38	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2013-11-19 18:36 . 2013-11-19 18:36	--------	d-----w-	c:\windows\SysWow64\Macromed
2013-11-19 18:35 . 2013-11-19 18:35	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2013-11-19 18:31 . 2013-12-10 20:11	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2013-11-19 18:28 . 2013-11-19 18:28	--------	d-----w-	c:\program files (x86)\7-Zip
2013-10-17 18:42 . 2013-10-17 18:42	105808	----a-w-	c:\windows\SysWow64\steam_api.dll
2013-10-17 18:41 . 2013-10-17 18:41	--------	d-----w-	c:\programdata\Logs
2013-10-17 18:01 . 2013-12-02 20:21	--------	d-----w-	c:\programdata\SweetIM
2013-10-17 18:01 . 2013-10-17 18:01	--------	d-----w-	c:\program files (x86)\Rocksmith Crack Only-TiNYiSO
2013-10-17 18:00 . 2013-10-17 18:00	--------	d-----w-	c:\program files (x86)\ASIO4ALL v2
2013-10-17 17:41 . 2006-03-31 10:41	3927248	----a-w-	c:\windows\system32\d3dx9_30.dll
2013-10-17 17:33 . 2014-06-01 12:45	--------	d-----w-	c:\programdata\ParetoLogic
2013-10-17 16:30 . 2013-10-17 16:30	--------	d-----w-	c:\program files (x86)\Ubisoft
2013-10-17 16:29 . 2013-10-17 16:29	--------	d-----w-	c:\program files (x86)\Seznam.cz
2013-10-17 16:26 . 2013-10-17 16:26	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-10-17 16:26 . 2013-10-17 16:26	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2013-10-17 16:23 . 2013-10-17 16:30	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2013-10-08 18:43 . 2013-10-08 18:43	--------	d-----w-	c:\program files (x86)\Microsoft Works
2013-10-08 18:39 . 2013-10-08 18:39	--------	d-----w-	c:\windows\PCHEALTH
2013-10-08 18:39 . 2014-03-11 20:42	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-10-08 18:31 . 2013-10-08 18:31	--------	d-----w-	c:\program files\Microsoft Office
2013-10-08 18:31 . 2013-10-08 18:31	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-10-08 18:29 . 2013-10-08 18:50	--------	d-----w-	c:\programdata\Microsoft Help
2013-10-08 18:25 . 2013-10-08 18:25	--------	d-----r-	C:\MSOCache
2013-10-08 18:24 . 2013-10-08 18:24	--------	d-----w-	c:\program files\7-Zip
2013-10-08 17:30 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2013-10-08 17:30 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2013-10-08 17:30 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2013-10-08 17:30 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2013-10-08 17:30 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2013-10-08 17:30 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2013-10-08 17:30 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2013-10-08 17:30 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2013-10-08 17:30 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2013-10-07 19:36 . 2013-10-07 18:50	--------	d-----w-	c:\windows\Panther
2013-10-07 19:36 . 2013-10-07 19:36	--------	d-----w-	c:\windows\system32\oem
2013-10-07 19:11 . 2009-12-07 10:18	--------	d-sh--w-	c:\windows\Installer
2013-10-07 19:06 . 2013-10-07 19:07	--------	d-----w-	c:\program files (x86)\Google
2013-10-07 19:06 . 2014-01-20 04:00	270496	------w-	c:\windows\system32\MpSigStub.exe
2013-10-07 19:06 . 2013-09-15 22:50	9694160	------w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{809A2788-4957-4D2B-8092-6DF8BD880123}\mpengine.dll
2013-10-07 18:40 . 2013-10-07 18:40	0	----a-w-	c:\windows\ativpsrm.bin
2012-12-13 13:50 . 2012-12-13 13:50	6112864	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-12-13 13:50 . 2012-12-13 13:50	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2012-08-21 12:01 . 2012-08-21 12:01	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 12:01 . 2012-08-21 12:01	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2011-08-30 22:05 . 2011-08-30 22:05	96104	----a-w-	c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05	85864	----a-w-	c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05	61288	----a-w-	c:\windows\system32\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05	212840	----a-w-	c:\windows\system32\dnssdX.dll
2011-08-30 22:05 . 2011-08-30 22:05	83816	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05	73064	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05	50536	----a-w-	c:\windows\SysWow64\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05	178536	----a-w-	c:\windows\SysWow64\dnssdX.dll
2011-02-19 22:03 . 2011-02-19 22:03	81744	----a-w-	c:\windows\SysWow64\mfcm100u.dll
2011-02-19 22:03 . 2011-02-19 22:03	81744	----a-w-	c:\windows\SysWow64\mfcm100.dll
2011-02-19 22:03 . 2011-02-19 22:03	51024	----a-w-	c:\windows\SysWow64\vcomp100.dll
2011-02-19 22:03 . 2011-02-19 22:03	4422992	----a-w-	c:\windows\SysWow64\mfc100u.dll
2011-02-19 22:03 . 2011-02-19 22:03	4397384	----a-w-	c:\windows\SysWow64\mfc100.dll
2011-02-19 22:03 . 2011-02-19 22:03	421200	----a-w-	c:\windows\SysWow64\msvcp100.dll
2011-02-19 22:03 . 2011-02-19 22:03	138056	----a-w-	c:\windows\SysWow64\atl100.dll
2011-02-19 21:51 . 2011-02-19 21:51	93008	----a-w-	c:\windows\system32\mfcm100u.dll
2011-02-19 21:51 . 2011-02-19 21:51	93008	----a-w-	c:\windows\system32\mfcm100.dll
2011-02-19 21:51 . 2011-02-19 21:51	608080	----a-w-	c:\windows\system32\msvcp100.dll
2011-02-19 21:51 . 2011-02-19 21:51	57168	----a-w-	c:\windows\system32\vcomp100.dll
2011-02-19 21:51 . 2011-02-19 21:51	5601616	----a-w-	c:\windows\system32\mfc100u.dll
2011-02-19 21:51 . 2011-02-19 21:51	5574472	----a-w-	c:\windows\system32\mfc100.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-02 19:29	233120	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"cz.seznam.software.autoupdate"="c:\users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"SkyDrive"="c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-07-02 251048]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
Odeslat do OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-7-8 195248]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg;c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [x]
S1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys;c:\windows\SYSNATIVE\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-16 19:36	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2009-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14 20:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-02 19:29	260768	----a-w-	c:\users\Tomas\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-08 20:16	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tomas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
mDefault_Search_URL = 
mDefault_Page_URL = 
mStart Page = 
mLocal Page = 
mSearch Page = 
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A9119622]
"ImagePath"="\??\c:\program files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
c:\users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE
c:\users\Tomas\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
.
**************************************************************************
.
Celkový čas: 2009-12-08  00:40:32 - počítač byl restartován
ComboFix-quarantined-files.txt  2009-12-07 23:40
ComboFix2.txt  2009-12-07 13:28
ComboFix3.txt  2009-12-06 23:51
.
Před spuštěním: Volných bajtů: 10 652 024 832
Po spuštění: Volných bajtů: 10 618 068 992
.
- - End Of File - - CA531D0D0FEA3C7AA77B64D612027729
A36C5E4F47E84449FF07ED3517B43A31

Re: Virus in WIN7?

Posted: 16 Jul 2014 20:09
by Rudy
Deleted. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has anything changed?

Re: Virus in WIN7?

Posted: 16 Jul 2014 20:19
by 7omino
Unfortunately, it seems not...the date is still 2009, and "well-known" sites like FB, Google, YT, etc. won't load for me, see the message below; I'm afraid to log in anywhere...

(Your secure connection to http://www.google.cz is currently being interfered with.

Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.

If you were to visit http://www.google.cz right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real http://www.google.cz.)