Logfile of random's system information tool 1.09 (written by random/random)
Run by Marcelka a Pavlíček at 2014-08-01 22:03:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 554 GB (83%) free of 670 GB
Total RAM: 4040 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:53, on 1.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Marcelka a Pavlíček.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://90.182.35.27/webviewer.cab
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} (GVersionManager Class) - http://90.182.35.27/GVersionMan.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.1.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9852 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
winlogon.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 30375152
\??\C:\windows\system32\conhost.exe "-18634986811099503354-443340026-2050583168-16620900212034239053-1431930638265452528
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
taskeng.exe {BC1F7543-7C96-4525-BACC-A7BBD7F18B1E}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1304
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Marcelka a Pavlíček\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-07-17 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-07-17 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-10-08 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-10-08 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-10-08 5908928]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-10-08 329056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2010-12-14 1133856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~2\Secunia\PSI\psi_tray.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-01 21:53:08 ----D---- C:\rsit
2014-07-30 08:37:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-17 20:52:08 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\java.exe
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD8.tmp
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD7.tmp
2014-07-09 08:52:18 ----A---- C:\windows\system32\aepdu.dll
2014-07-09 08:52:17 ----A---- C:\windows\system32\aeinv.dll
2014-07-09 08:52:13 ----A---- C:\windows\system32\win32k.sys
2014-07-09 08:52:12 ----A---- C:\windows\SYSWOW64\osk.exe
2014-07-09 08:52:12 ----A---- C:\windows\system32\osk.exe
2014-07-09 08:52:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\drivers\afd.sys
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\kerberos.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\msv1_0.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\credssp.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:52:05 ----A---- C:\windows\system32\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\iedkcs32.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-07-09 08:52:03 ----A---- C:\windows\system32\urlmon.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollector.exe
2014-07-09 08:52:02 ----A---- C:\windows\system32\dxtmsft.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\msfeeds.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\iesetup.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\ie4uinit.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:51:59 ----A---- C:\windows\system32\iertutil.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\jsproxy.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieui.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieframe.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\dxtrans.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmled.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9diag.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\ieUnatt.exe
2014-07-09 08:51:56 ----A---- C:\windows\system32\wininet.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\vbscript.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\msrating.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\MshtmlDac.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\ieapfltr.dll
2014-07-09 08:51:55 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:51:55 ----A---- C:\windows\system32\mshtml.dll
2014-07-09 08:51:05 ----A---- C:\windows\system32\lsasrv.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-07-07 19:58:47 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-07 19:58:25 ----A---- C:\windows\system32\drivers\mwac.sys
2014-07-07 19:58:25 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-07-05 09:57:24 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2014-08-01 22:03:46 ----D---- C:\windows\Temp
2014-08-01 22:03:40 ----D---- C:\Program Files\trend micro
2014-08-01 22:02:56 ----D---- C:\windows\Prefetch
2014-08-01 22:01:51 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
2014-08-01 21:51:58 ----D---- C:\windows\System32
2014-08-01 21:51:58 ----D---- C:\windows\inf
2014-08-01 21:51:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-01 21:33:12 ----D---- C:\windows\tracing
2014-08-01 08:32:29 ----D---- C:\windows\system32\config
2014-08-01 08:21:14 ----SHD---- C:\System Volume Information
2014-08-01 08:16:29 ----A---- C:\windows\SYSWOW64\log.txt
2014-07-30 17:06:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 12:09:10 ----RD---- C:\Program Files (x86)
2014-07-29 09:31:46 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
2014-07-29 08:46:00 ----D---- C:\windows\Minidump
2014-07-29 08:45:58 ----D---- C:\Windows
2014-07-27 20:41:57 ----D---- C:\Program Files\CCleaner
2014-07-27 20:40:59 ----HD---- C:\ProgramData
2014-07-27 07:39:44 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-27 07:39:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 07:39:37 ----D---- C:\windows\system32\drivers
2014-07-27 07:39:37 ----D---- C:\windows\ShellNew
2014-07-27 07:39:37 ----D---- C:\windows\Offline Web Pages
2014-07-26 21:11:35 ----SHD---- C:\windows\Installer
2014-07-26 20:53:50 ----D---- C:\windows\system32\Tasks
2014-07-26 19:58:17 ----D---- C:\Program Files (x86)\Opera
2014-07-17 20:52:38 ----D---- C:\Program Files (x86)\Common Files
2014-07-17 20:52:24 ----D---- C:\ProgramData\Oracle
2014-07-17 20:52:08 ----D---- C:\windows\SysWOW64
2014-07-17 20:51:49 ----D---- C:\Program Files (x86)\Java
2014-07-17 08:17:36 ----D---- C:\windows\system32\catroot2
2014-07-13 18:21:10 ----D---- C:\windows\debug
2014-07-10 20:04:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-07-10 09:37:01 ----D---- C:\windows\rescache
2014-07-09 17:20:47 ----D---- C:\windows\winsxs
2014-07-09 17:18:20 ----D---- C:\Program Files\Windows Journal
2014-07-09 17:18:19 ----SD---- C:\windows\system32\CompatTel
2014-07-09 17:18:19 ----D---- C:\windows\SYSWOW64\Dism
2014-07-09 17:18:18 ----D---- C:\windows\system32\Dism
2014-07-09 17:18:15 ----D---- C:\windows\ehome
2014-07-09 17:18:13 ----D---- C:\windows\system32\cs-CZ
2014-07-09 17:18:12 ----D---- C:\windows\SYSWOW64\en-US
2014-07-09 17:18:12 ----D---- C:\Program Files\Internet Explorer
2014-07-09 17:18:09 ----D---- C:\windows\system32\en-US
2014-07-09 17:18:07 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 13:14:20 ----D---- C:\windows\system32\MRT
2014-07-09 13:10:36 ----A---- C:\windows\system32\MRT.exe
2014-07-09 08:50:57 ----D---- C:\windows\system32\catroot
2014-07-08 12:33:41 ----D---- C:\windows\system32\NDF
2014-07-07 19:58:28 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Malwarebytes
2014-07-07 19:58:27 ----D---- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-07-07 19:58:25 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-07 19:58:24 ----D---- C:\ProgramData\Malwarebytes
2014-07-07 19:56:29 ----D---- C:\Program Files\Defraggler
2014-07-06 21:05:15 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\dvdcss
2014-07-05 09:57:26 ----A---- C:\windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-10-08 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-10-08 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-10-08 13408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-10-08 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-08-19 4746304]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2000-01-01 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\windows\system32\DRIVERS\seehcri.sys [2012-07-11 34032]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\windows\system32\DRIVERS\s115bus.sys [2011-01-18 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s115mdfl.sys [2011-01-18 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s115mdm.sys [2011-01-18 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s115mgmt.sys [2011-01-18 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s115obex.sys [2011-01-18 123656]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\windows\system32\DRIVERS\s125bus.sys [2011-01-18 108296]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s125mdfl.sys [2011-01-18 19720]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s125mdm.sys [2011-01-18 144648]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s125mgmt.sys [2011-01-18 126216]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s125obex.sys [2011-01-18 123656]
S3 Ser2pl;Prolific Serial port driver; C:\windows\system32\DRIVERS\ser2pl64.sys [2010-03-12 97280]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu - velké vytížený procesoru.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu - velké vytížený procesoru.
Zdravim 
Co nejvic zatezuje procesor?
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Co nejvic zatezuje procesor? Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu - velké vytížený procesoru.
Nejvice vytezuje procesor firefox. Log dodam vecer.
Re: Prosím o kontrolu - velké vytížený procesoru.
# AdwCleaner v3.302 - Report created 02/08/2014 at 18:53:19
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marcelka a Pavlíček - MAPA
# Running from : C:\Users\Marcelka a Pavlíček\Desktop\adwcleaner_3.302.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\Local\Conduit
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdfforge
File Deleted : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\user.js
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\prefs.js ]
[ File : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\ldxelmum.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [3031 octets] - [02/08/2014 18:49:56]
AdwCleaner[S0].txt - [2805 octets] - [02/08/2014 18:53:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2865 octets] ##########
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marcelka a Pavlíček - MAPA
# Running from : C:\Users\Marcelka a Pavlíček\Desktop\adwcleaner_3.302.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\Local\Conduit
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdfforge
File Deleted : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\user.js
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\prefs.js ]
[ File : C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\ldxelmum.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [3031 octets] - [02/08/2014 18:49:56]
AdwCleaner[S0].txt - [2805 octets] - [02/08/2014 18:53:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2865 octets] ##########
Re: Prosím o kontrolu - velké vytížený procesoru.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu - velké vytížený procesoru.
Po 3 hodkach skenu zde výsledek:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 2.8.2014
Čas skenování: 20:41:03
Protokol: mbam.txt
Správce: Ano
Verze: 2.00.2.1012
Databáze malwaru: v2014.08.02.04
Databáze rootkitů: v2014.08.01.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Marcelka a PavlAÄ?ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 508908
Uplynulý čas: 3 hod, 8 min, 48 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(No malicious items detected)
Moduly: 0
(No malicious items detected)
Klíče registru: 0
(No malicious items detected)
Hodnoty registru: 0
(No malicious items detected)
Data registru: 0
(No malicious items detected)
Složky: 0
(No malicious items detected)
Soubory: 1
PUP.Optional.Multiplug, C:\Users\Marcelka a PavlAÄ?ek\AppData\Local\Temp\163b3d4a\temp\BIT30B9.tmp, , [8d3f6a577dfea78f8b692b714ab721df],
Fyzické sektory: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 2.8.2014
Čas skenování: 20:41:03
Protokol: mbam.txt
Správce: Ano
Verze: 2.00.2.1012
Databáze malwaru: v2014.08.02.04
Databáze rootkitů: v2014.08.01.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Marcelka a PavlAÄ?ek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 508908
Uplynulý čas: 3 hod, 8 min, 48 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(No malicious items detected)
Moduly: 0
(No malicious items detected)
Klíče registru: 0
(No malicious items detected)
Hodnoty registru: 0
(No malicious items detected)
Data registru: 0
(No malicious items detected)
Složky: 0
(No malicious items detected)
Soubory: 1
PUP.Optional.Multiplug, C:\Users\Marcelka a PavlAÄ?ek\AppData\Local\Temp\163b3d4a\temp\BIT30B9.tmp, , [8d3f6a577dfea78f8b692b714ab721df],
Fyzické sektory: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu - velké vytížený procesoru.
Nalez nechte odstranit, pak MBAM odinstalujte. Dejte novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu - velké vytížený procesoru.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Marcelka a Pavlíček at 2014-08-03 08:59:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 554 GB (83%) free of 670 GB
Total RAM: 4040 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:59:44, on 3.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Marcelka a Pavlíček.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://90.182.35.27/webviewer.cab
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} (GVersionManager Class) - http://90.182.35.27/GVersionMan.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.1.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 28650720
\??\C:\windows\system32\conhost.exe "8372151871754587513-202378605714010051601299791862-721280797-1080593213708102540
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
taskeng.exe {EE9FA22A-41BA-4CAF-B5A7-3254276A635C}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
taskeng.exe {DBE62913-E5FE-4A8A-9727-0F481E94EC74}
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5004
"C:\Users\Marcelka a Pavlíček\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-07-17 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-07-17 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-10-08 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-10-08 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-10-08 5908928]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-10-08 329056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2010-12-14 1133856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~2\Secunia\PSI\psi_tray.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-03 08:26:08 ----A---- C:\windows\system32\wups2.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wucltux.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wuaueng.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wuauclt.exe
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wups.dll
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wups.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wudriver.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wuapi.dll
2014-08-03 08:25:43 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-08-03 08:25:43 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-08-03 08:25:43 ----A---- C:\windows\system32\wuwebv.dll
2014-08-03 08:25:43 ----A---- C:\windows\system32\wuapp.exe
2014-08-02 18:48:55 ----D---- C:\AdwCleaner
2014-08-01 21:53:08 ----D---- C:\rsit
2014-07-30 08:37:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-17 20:52:08 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\java.exe
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD8.tmp
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD7.tmp
2014-07-09 08:52:18 ----A---- C:\windows\system32\aepdu.dll
2014-07-09 08:52:17 ----A---- C:\windows\system32\aeinv.dll
2014-07-09 08:52:13 ----A---- C:\windows\system32\win32k.sys
2014-07-09 08:52:12 ----A---- C:\windows\SYSWOW64\osk.exe
2014-07-09 08:52:12 ----A---- C:\windows\system32\osk.exe
2014-07-09 08:52:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\drivers\afd.sys
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\kerberos.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\msv1_0.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\credssp.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:52:05 ----A---- C:\windows\system32\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\iedkcs32.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-07-09 08:52:03 ----A---- C:\windows\system32\urlmon.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollector.exe
2014-07-09 08:52:02 ----A---- C:\windows\system32\dxtmsft.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\msfeeds.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\iesetup.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\ie4uinit.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:51:59 ----A---- C:\windows\system32\iertutil.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\jsproxy.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieui.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieframe.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\dxtrans.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmled.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9diag.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\ieUnatt.exe
2014-07-09 08:51:56 ----A---- C:\windows\system32\wininet.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\vbscript.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\msrating.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\MshtmlDac.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\ieapfltr.dll
2014-07-09 08:51:55 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:51:55 ----A---- C:\windows\system32\mshtml.dll
2014-07-09 08:51:05 ----A---- C:\windows\system32\lsasrv.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-07-05 09:57:24 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2014-08-03 08:59:36 ----D---- C:\Program Files\trend micro
2014-08-03 08:59:01 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
2014-08-03 08:58:52 ----A---- C:\windows\SYSWOW64\log.txt
2014-08-03 08:58:51 ----D---- C:\windows\tracing
2014-08-03 08:56:41 ----D---- C:\windows\Temp
2014-08-03 08:56:38 ----D---- C:\windows\winsxs
2014-08-03 08:56:10 ----D---- C:\windows\system32\config
2014-08-03 08:56:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-08-03 08:56:03 ----D---- C:\windows\SysWOW64
2014-08-03 08:56:03 ----D---- C:\windows\system32\cs-CZ
2014-08-03 08:56:03 ----D---- C:\windows\System32
2014-08-03 08:56:00 ----RD---- C:\Program Files (x86)
2014-08-03 08:54:35 ----HD---- C:\ProgramData
2014-08-03 08:54:32 ----D---- C:\windows\system32\drivers
2014-08-03 08:26:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-03 08:26:43 ----D---- C:\windows\inf
2014-08-03 08:26:18 ----D---- C:\windows\system32\catroot
2014-08-03 08:26:17 ----D---- C:\windows\system32\catroot2
2014-08-03 08:25:37 ----SHD---- C:\System Volume Information
2014-08-03 00:29:52 ----D---- C:\windows\Prefetch
2014-08-03 00:29:33 ----SHD---- C:\$Recycle.Bin
2014-08-03 00:29:22 ----RD---- C:\Users
2014-08-02 23:54:52 ----D---- C:\windows\system
2014-07-30 17:06:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 09:31:46 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
2014-07-29 08:46:00 ----D---- C:\windows\Minidump
2014-07-29 08:45:58 ----D---- C:\Windows
2014-07-27 20:41:57 ----D---- C:\Program Files\CCleaner
2014-07-27 07:39:44 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-27 07:39:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 07:39:37 ----D---- C:\windows\ShellNew
2014-07-27 07:39:37 ----D---- C:\windows\Offline Web Pages
2014-07-26 21:11:35 ----SHD---- C:\windows\Installer
2014-07-26 20:53:50 ----D---- C:\windows\system32\Tasks
2014-07-26 19:58:17 ----D---- C:\Program Files (x86)\Opera
2014-07-17 20:52:38 ----D---- C:\Program Files (x86)\Common Files
2014-07-17 20:52:24 ----D---- C:\ProgramData\Oracle
2014-07-17 20:51:49 ----D---- C:\Program Files (x86)\Java
2014-07-13 18:21:10 ----D---- C:\windows\debug
2014-07-10 20:04:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-07-10 09:37:01 ----D---- C:\windows\rescache
2014-07-09 17:18:20 ----D---- C:\Program Files\Windows Journal
2014-07-09 17:18:19 ----SD---- C:\windows\system32\CompatTel
2014-07-09 17:18:19 ----D---- C:\windows\SYSWOW64\Dism
2014-07-09 17:18:18 ----D---- C:\windows\system32\Dism
2014-07-09 17:18:15 ----D---- C:\windows\ehome
2014-07-09 17:18:12 ----D---- C:\windows\SYSWOW64\en-US
2014-07-09 17:18:12 ----D---- C:\Program Files\Internet Explorer
2014-07-09 17:18:09 ----D---- C:\windows\system32\en-US
2014-07-09 17:18:07 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 13:14:20 ----D---- C:\windows\system32\MRT
2014-07-09 13:10:36 ----A---- C:\windows\system32\MRT.exe
2014-07-08 12:33:41 ----D---- C:\windows\system32\NDF
2014-07-07 19:56:29 ----D---- C:\Program Files\Defraggler
2014-07-06 21:05:15 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\dvdcss
2014-07-05 09:57:26 ----A---- C:\windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-10-08 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-10-08 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-10-08 13408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-10-08 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-08-19 4746304]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2000-01-01 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\windows\system32\DRIVERS\seehcri.sys [2012-07-11 34032]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\windows\system32\DRIVERS\s115bus.sys [2011-01-18 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s115mdfl.sys [2011-01-18 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s115mdm.sys [2011-01-18 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s115mgmt.sys [2011-01-18 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s115obex.sys [2011-01-18 123656]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\windows\system32\DRIVERS\s125bus.sys [2011-01-18 108296]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s125mdfl.sys [2011-01-18 19720]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s125mdm.sys [2011-01-18 144648]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s125mgmt.sys [2011-01-18 126216]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s125obex.sys [2011-01-18 123656]
S3 Ser2pl;Prolific Serial port driver; C:\windows\system32\DRIVERS\ser2pl64.sys [2010-03-12 97280]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Marcelka a Pavlíček at 2014-08-03 08:59:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 554 GB (83%) free of 670 GB
Total RAM: 4040 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:59:44, on 3.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Marcelka a Pavlíček.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://90.182.35.27/webviewer.cab
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} (GVersionManager Class) - http://90.182.35.27/GVersionMan.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.1.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 28650720
\??\C:\windows\system32\conhost.exe "8372151871754587513-202378605714010051601299791862-721280797-1080593213708102540
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
taskeng.exe {EE9FA22A-41BA-4CAF-B5A7-3254276A635C}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
taskeng.exe {DBE62913-E5FE-4A8A-9727-0F481E94EC74}
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5004
"C:\Users\Marcelka a Pavlíček\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-05 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-07-17 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-05 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-07-17 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-10-08 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-10-08 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-10-08 5908928]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-10-08 329056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2010-12-14 1133856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~2\Secunia\PSI\psi_tray.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-03 08:26:08 ----A---- C:\windows\system32\wups2.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wucltux.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wuaueng.dll
2014-08-03 08:26:08 ----A---- C:\windows\system32\wuauclt.exe
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wups.dll
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-08-03 08:25:56 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wups.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wudriver.dll
2014-08-03 08:25:56 ----A---- C:\windows\system32\wuapi.dll
2014-08-03 08:25:43 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-08-03 08:25:43 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-08-03 08:25:43 ----A---- C:\windows\system32\wuwebv.dll
2014-08-03 08:25:43 ----A---- C:\windows\system32\wuapp.exe
2014-08-02 18:48:55 ----D---- C:\AdwCleaner
2014-08-01 21:53:08 ----D---- C:\rsit
2014-07-30 08:37:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-17 20:52:08 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-07-17 20:52:02 ----A---- C:\windows\SYSWOW64\java.exe
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD8.tmp
2014-07-16 22:08:15 ----A---- C:\windows\SYSWOW64\REN5BD7.tmp
2014-07-09 08:52:18 ----A---- C:\windows\system32\aepdu.dll
2014-07-09 08:52:17 ----A---- C:\windows\system32\aeinv.dll
2014-07-09 08:52:13 ----A---- C:\windows\system32\win32k.sys
2014-07-09 08:52:12 ----A---- C:\windows\SYSWOW64\osk.exe
2014-07-09 08:52:12 ----A---- C:\windows\system32\osk.exe
2014-07-09 08:52:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\qedit.dll
2014-07-09 08:52:11 ----A---- C:\windows\system32\drivers\afd.sys
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-07-09 08:52:09 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\schannel.dll
2014-07-09 08:52:09 ----A---- C:\windows\system32\kerberos.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\wdigest.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\TSpkg.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\ncrypt.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\msv1_0.dll
2014-07-09 08:52:08 ----A---- C:\windows\system32\credssp.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:52:05 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:52:05 ----A---- C:\windows\system32\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-07-09 08:52:04 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-07-09 08:52:04 ----A---- C:\windows\system32\iedkcs32.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-07-09 08:52:03 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-07-09 08:52:03 ----A---- C:\windows\system32\urlmon.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:52:02 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-07-09 08:52:02 ----A---- C:\windows\system32\ieetwcollector.exe
2014-07-09 08:52:02 ----A---- C:\windows\system32\dxtmsft.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-07-09 08:52:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\msfeeds.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\iesetup.dll
2014-07-09 08:52:01 ----A---- C:\windows\system32\ie4uinit.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:51:59 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:51:59 ----A---- C:\windows\system32\iertutil.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-07-09 08:51:58 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\jsproxy.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieui.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\ieframe.dll
2014-07-09 08:51:58 ----A---- C:\windows\system32\dxtrans.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\mshtmled.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9diag.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\jscript9.dll
2014-07-09 08:51:57 ----A---- C:\windows\system32\ieUnatt.exe
2014-07-09 08:51:56 ----A---- C:\windows\system32\wininet.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\vbscript.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\msrating.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\MshtmlDac.dll
2014-07-09 08:51:56 ----A---- C:\windows\system32\ieapfltr.dll
2014-07-09 08:51:55 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:51:55 ----A---- C:\windows\system32\mshtml.dll
2014-07-09 08:51:05 ----A---- C:\windows\system32\lsasrv.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-07-09 08:51:04 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-07-05 09:57:24 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2014-08-03 08:59:36 ----D---- C:\Program Files\trend micro
2014-08-03 08:59:01 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
2014-08-03 08:58:52 ----A---- C:\windows\SYSWOW64\log.txt
2014-08-03 08:58:51 ----D---- C:\windows\tracing
2014-08-03 08:56:41 ----D---- C:\windows\Temp
2014-08-03 08:56:38 ----D---- C:\windows\winsxs
2014-08-03 08:56:10 ----D---- C:\windows\system32\config
2014-08-03 08:56:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-08-03 08:56:03 ----D---- C:\windows\SysWOW64
2014-08-03 08:56:03 ----D---- C:\windows\system32\cs-CZ
2014-08-03 08:56:03 ----D---- C:\windows\System32
2014-08-03 08:56:00 ----RD---- C:\Program Files (x86)
2014-08-03 08:54:35 ----HD---- C:\ProgramData
2014-08-03 08:54:32 ----D---- C:\windows\system32\drivers
2014-08-03 08:26:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-03 08:26:43 ----D---- C:\windows\inf
2014-08-03 08:26:18 ----D---- C:\windows\system32\catroot
2014-08-03 08:26:17 ----D---- C:\windows\system32\catroot2
2014-08-03 08:25:37 ----SHD---- C:\System Volume Information
2014-08-03 00:29:52 ----D---- C:\windows\Prefetch
2014-08-03 00:29:33 ----SHD---- C:\$Recycle.Bin
2014-08-03 00:29:22 ----RD---- C:\Users
2014-08-02 23:54:52 ----D---- C:\windows\system
2014-07-30 17:06:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 09:31:46 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
2014-07-29 08:46:00 ----D---- C:\windows\Minidump
2014-07-29 08:45:58 ----D---- C:\Windows
2014-07-27 20:41:57 ----D---- C:\Program Files\CCleaner
2014-07-27 07:39:44 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-27 07:39:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 07:39:37 ----D---- C:\windows\ShellNew
2014-07-27 07:39:37 ----D---- C:\windows\Offline Web Pages
2014-07-26 21:11:35 ----SHD---- C:\windows\Installer
2014-07-26 20:53:50 ----D---- C:\windows\system32\Tasks
2014-07-26 19:58:17 ----D---- C:\Program Files (x86)\Opera
2014-07-17 20:52:38 ----D---- C:\Program Files (x86)\Common Files
2014-07-17 20:52:24 ----D---- C:\ProgramData\Oracle
2014-07-17 20:51:49 ----D---- C:\Program Files (x86)\Java
2014-07-13 18:21:10 ----D---- C:\windows\debug
2014-07-10 20:04:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-07-10 09:37:01 ----D---- C:\windows\rescache
2014-07-09 17:18:20 ----D---- C:\Program Files\Windows Journal
2014-07-09 17:18:19 ----SD---- C:\windows\system32\CompatTel
2014-07-09 17:18:19 ----D---- C:\windows\SYSWOW64\Dism
2014-07-09 17:18:18 ----D---- C:\windows\system32\Dism
2014-07-09 17:18:15 ----D---- C:\windows\ehome
2014-07-09 17:18:12 ----D---- C:\windows\SYSWOW64\en-US
2014-07-09 17:18:12 ----D---- C:\Program Files\Internet Explorer
2014-07-09 17:18:09 ----D---- C:\windows\system32\en-US
2014-07-09 17:18:07 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 13:14:20 ----D---- C:\windows\system32\MRT
2014-07-09 13:10:36 ----A---- C:\windows\system32\MRT.exe
2014-07-08 12:33:41 ----D---- C:\windows\system32\NDF
2014-07-07 19:56:29 ----D---- C:\Program Files\Defraggler
2014-07-06 21:05:15 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\dvdcss
2014-07-05 09:57:26 ----A---- C:\windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-05 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-05 224896]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-10-08 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-10-08 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-05 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-05 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-07-05 427360]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-10-08 13408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-05 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-05 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-05 92008]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-10-08 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-08-19 4746304]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2000-01-01 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\windows\system32\DRIVERS\seehcri.sys [2012-07-11 34032]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\windows\system32\DRIVERS\s115bus.sys [2011-01-18 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s115mdfl.sys [2011-01-18 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s115mdm.sys [2011-01-18 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s115mgmt.sys [2011-01-18 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s115obex.sys [2011-01-18 123656]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\windows\system32\DRIVERS\s125bus.sys [2011-01-18 108296]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s125mdfl.sys [2011-01-18 19720]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s125mdm.sys [2011-01-18 144648]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s125mgmt.sys [2011-01-18 126216]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s125obex.sys [2011-01-18 123656]
S3 Ser2pl;Prolific Serial port driver; C:\windows\system32\DRIVERS\ser2pl64.sys [2010-03-12 97280]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-05 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Prosím o kontrolu - velké vytížený procesoru.
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu - velké vytížený procesoru.
OTL Extras logfile created on: 3.8.2014 9:35:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcelka a Pavlíček\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,79% Memory free
7,89 Gb Paging File | 6,09 Gb Available in Paging File | 77,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 654,69 Gb Total Space | 541,40 Gb Free Space | 82,70% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 19,30 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Computer Name: MAPA | User Name: Marcelka a Pavlíček | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotosvet TETA] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA.exe" "%1" ()
Directory [Fotosvet TETA 3] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA 3.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotosvet TETA] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA.exe" "%1" ()
Directory [Fotosvet TETA 3] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA 3.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04648E2B-ED73-4D33-91E1-4E5FEC935395}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15D3DF23-964F-4EB7-8CC3-CA58DCAAA5CB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1D3BEA51-32C9-4AA3-A079-2A81F3464076}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{243CA3AC-1EA6-4D6E-B658-D4EFCCFFC3F8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CE1AB27-3C26-4EFB-A6AA-8556CABE8D98}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{50E6FCD7-AB27-491D-82B7-76B1309E3FCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56513480-1D3F-4DA1-AB40-BF16322C1D9F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DFD5C6A-B1F2-4840-91DB-B104E98558C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{64608435-E205-4925-8D36-9B000B843948}" = lport=445 | protocol=6 | dir=in | app=system |
"{6CCC28D2-280F-4CB0-BBDE-BF64F82523A5}" = rport=137 | protocol=17 | dir=out | app=system |
"{6CE2A3E3-5F11-4DB9-B2D3-0B8BC069C49F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CE765D0-A0A4-49B2-8FC2-D63B1CFC5168}" = lport=10243 | protocol=6 | dir=in | app=system |
"{84913CCB-71C8-4002-980A-D9E366683BF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{87D777E0-C369-4064-9E12-B56EEFFBBD7E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B56768A-D327-47A7-B501-F28F2B1AC86F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8D3E82C0-2D31-439C-8401-46893BC16F7D}" = rport=139 | protocol=6 | dir=out | app=system |
"{8FEF6CB9-BFC4-4CA8-8FF0-5F5C0BBAE797}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{98955155-4920-41E4-B59C-64837DECCD3D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB190AB9-267A-4ECA-B233-4404363C85E6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AF2C0815-0AC1-4610-8D12-24FE3E0AB563}" = lport=138 | protocol=17 | dir=in | app=system |
"{EE10E2AC-75F7-4DBE-943D-980747EFE3A1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFE8F482-4FE7-497E-A74F-A006AE78ECED}" = lport=137 | protocol=17 | dir=in | app=system |
"{F28095DA-D4F4-4536-B018-6483B4797E75}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14BC4A82-FA47-4BBE-996A-D4A4BAA313D5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1708D8B6-4130-473F-93FC-58C78E89CAF4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1B2CEA21-5108-4C81-B74D-2909FB80B813}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{28B7F1B6-F1A5-4F89-B159-66AF77CD6AFD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2B020A36-48B4-42D9-8629-94177DC3D08E}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2EF08E3B-22D4-4D77-BFB8-41FE89FE7A8A}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"{3445F5B9-3AF6-4F98-9FD8-23ED900CEC4A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{3E2133BA-D631-422D-933F-64DE975F2EB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40574E5F-79FC-41FA-9E9F-8EA613132205}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4D05FF78-F83A-4E3B-9D4B-8D6D6446621E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E27599D-F544-4667-84CE-19F16310339F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{5E9953AB-DEF6-4CAE-9C3B-1C97B5B85CA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6177C95F-BC16-43EB-A465-B59729E0CFEB}" = protocol=6 | dir=out | app=system |
"{654AEABB-ACFF-4C5C-98CB-A3AEDDE9CFE7}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{6E94AB88-63CA-46EE-A7BA-32F794E8AE9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{703CED96-B015-4E3F-A516-A7D032B2850B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{765ABC2A-605A-41B4-9B59-B64B3B8B7044}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79A46067-60B8-4B7C-9D8A-32C6B8CE59BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{87806A3D-9C6A-4406-808B-DB6C93C1D3E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\paolov5\source sdk base 2007\hl2.exe |
"{8987ADA2-FA6E-4935-AE41-9C9557C6CAAB}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\rescue.exe |
"{9AECD037-7484-4DC4-8723-20D4F3C3A7C0}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"{A858A7A6-2CAB-4814-95A2-705325BC5FBA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{BA07777E-00DB-4868-B213-20D201C7D0A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BAB3BFB4-E28E-48AB-B56B-29A82C372C6B}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{BF4AF840-52D1-463C-8774-173C4F2BF103}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BF863429-AC35-429B-9AD6-95833312473A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C2D66A05-57CA-48B4-9E19-B652CF1BA61E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5C108A5-226F-4C6F-9749-EEEB8AC10495}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D14D0142-F521-4952-8F1A-4F3B5530F271}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D93A7C08-EDEB-4770-BCF8-2BA49893AFA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DE6EFFF5-E02A-472D-9B73-D97FE8D9E886}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{E4863F3B-0925-4691-81C4-10F5CDDCC0DF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E4C9D09A-B1F0-4EA0-A017-F101540D15CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\paolov5\source sdk base 2007\hl2.exe |
"{EAA46445-09A0-41B4-8B96-69FDA74EB62A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F62AD627-D46C-4F32-AD48-B3861AC90412}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{FD1FEB4B-B5CB-4F3E-88AA-3F9841597096}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{FE32F80A-D219-4DA8-90C9-5C8BB3740FF0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF158293-FF13-4B81-A00C-CD4E7F3512C8}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\rescue.exe |
"TCP Query User{0E03ED57-892D-4437-9E86-2BA88B00E904}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"TCP Query User{1704534E-0E5C-4104-B5AE-7D3019E761B7}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{365753C7-27D7-4A68-9360-6B6B099001D4}C:\program files (x86)\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\bin\javaw.exe |
"TCP Query User{3D181D12-DA58-4BC1-9D0D-ED079F3474D8}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{45123AB6-D2C9-4435-83AC-FB18B1E84301}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"TCP Query User{550AEAD3-4A9F-4F40-831A-04EB42F28F08}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"TCP Query User{947660C0-3C60-42AC-B6DB-00E0D9CC9BCA}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"TCP Query User{993E5E60-5CF2-4706-B32E-2C4B4A393429}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{E2F35B0B-501B-4C29-9B9B-8DBE40783FA3}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{0E089E3B-0C4A-457A-A422-0166175E43F3}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"UDP Query User{1916B735-3E32-451D-8789-A49AA6F35084}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{29F88D59-3C07-49FE-A8ED-7B651AFE95D3}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{2AADC7CD-8733-4617-B2C4-D8BABE063953}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"UDP Query User{4D261ACF-6952-4B09-BBD6-EB7FDBD98FD7}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{6A2D43A6-0EDB-4448-B92E-F2D0F64501C2}C:\program files (x86)\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\bin\javaw.exe |
"UDP Query User{88B52497-A163-4933-AE96-B1E3DC8D8B8B}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"UDP Query User{B2CA9413-4925-4A03-9859-E78533B18C14}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{FDB9066B-ED1F-47E7-BEFE-B66AEAB1C312}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2A21DA0C-F50D-DF54-70AD-C0826158FBF2}" = ccc-utility64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3DCF00F5-04A5-4543-A088-705480811201}_is1" = Compiled Driver Disk (Sony Ericsson) 1.0
"{3DCF00F5-04A5-4543-A088-705480811205}_is1" = Compiled Driver Disk (Nokia) 1.0
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6502B973-9DB9-683F-2BE3-4B83F54F78FF}" = WMV9/VC-1 Video Playback
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1" = Phone Drivers Downloader 1.1
"{C3E6E2B5-DEB5-235A-4999-4D424C11788B}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"ATI Uninstaller" = ATI Uninstaller
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"MediaInfo" = MediaInfo 0.7.64
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0389A677-241F-6EEC-54B0-2D07F620776E}" = Catalyst Control Center Localization All
"{03D98FB6-0E27-5614-864A-961248BD89E8}" = CCC Help Danish
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11178BF5-D5F0-4749-ACE4-EF46ADB38D65}" = ASUS RT-N10 Wireless Router Utilities
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{19555808-AF6B-9E99-366C-A2D8C6FB3D07}" = CCC Help English
"{19643FA2-3DDD-1C05-A474-E4FB28638F65}" = Catalyst Control Center InstallProxy
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{26A24AE4-039D-4CA4-87B4-2F83218011FF}" = Java 8 Update 11
"{271B24E3-1505-B13A-BF3E-282CF0C54B68}" = PX Profile Update
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29172463-C766-9812-F399-82380F03761A}" = CCC Help Korean
"{2E6D4F14-C94C-758B-46E4-9AD21852108F}" = CCC Help Portuguese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3DBFE2A1-945C-9F14-17F6-1F74CB4F82A5}" = CCC Help Japanese
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4504861F-2770-D8F2-F0B1-B723FADF315F}" = CCC Help Polish
"{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1" = MOBILedit! ver. 6.1.1.1806
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50210E48-FB67-0045-3853-C3FBEB470127}" = CCC Help French
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5035C1F3-6147-3C83-3C39-37B6DBDAC163}" = CCC Help Thai
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F1DD61A-0C22-E924-3A81-DFFCC14A5A97}" = CCC Help Russian
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A2BF2A-E7E5-BA48-7525-02BD5B7425C7}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{744C5097-94C7-DE34-5B1F-43EDFDBD5E35}" = CCC Help Dutch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{795062B9-1B7A-7ACA-1C7D-7B3D61F4116A}" = ccc-core-static
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D5B0DA2-9AAE-3ADF-B692-685EA3DC64C6}" = CCC Help Italian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CC173F3-DBEC-ED42-68EF-49BCB95FC49F}" = CCC Help Swedish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F84662D-9C1E-4B01-83CE-1097B8D34471}" = ASUS Wireless Router RT-G32 Utilities v1.0.12.0(EU)
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-003F-0405-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96A84750-A54D-C7C3-44AA-5C28C36C5640}" = CCC Help German
"{96B17AEC-9C54-0969-5613-4C9B33BFEAFF}" = CCC Help Chinese Traditional
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B92B20A-6A19-428F-8BD0-52DF859B1C61}" = Adobe Shockwave Player 11.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E1751DF-188D-591B-3887-1825F597007A}" = CCC Help Spanish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A44B2324-CB46-A9F9-7FDC-7FD087AEC7FC}" = Catalyst Control Center Profiles Mobile
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1" = Kingo Android ROOT version 1.1.8.1835
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B34E1065-711C-7B9E-C77D-9E071DAAFC31}" = CCC Help Finnish
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BA0F92C2-2012-0AF0-A2CE-62E220A0AF06}" = CCC Help Hungarian
"{BCFC4789-7C5E-B050-CBB1-8C6CA46990A8}" = CCC Help Greek
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCB6DF61-A144-02B4-EDC7-D7478AF7B27D}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3B6562-0A58-49E0-836F-B895F3985958}" = Software602 Form Filler
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E7FC3EAE-C6D8-92D1-B065-29DECFD5A8E7}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F8B2AA7F-956F-D943-F1C0-42843041B108}" = CCC Help Czech
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC2C6FBD-01DC-36D8-5F4B-7033B00C9963}" = CCC Help Turkish
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"avast" = avast! Free Antivirus
"CameraWindowDC" = Canon Utilities CameraWindow DC 8
"FormatFactory" = FormatFactory 3.1.1
"Fotosvet TETA" = Fotosvet TETA
"Fotosvet TETA 3" = Fotosvet TETA 3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NirSoft WirelessNetView" = NirSoft WirelessNetView
"Nokia Suite" = Nokia Suite
"NSS" = NSS (remove only)
"Pdf995" = Pdf995
"PhotoStitch" = Canon Utilities PhotoStitch
"TapinRadio_is1" = TapinRadio 1.58.2
"TeamViewer 9" = TeamViewer 9
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Totalcmd" = Total Commander (Remove or Repair)
"VeriFace" = VeriFace
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"69f070f18ade444c" = SDÍLEJ.CZ Manager
"Gnumeric" = Gnumeric Spreadsheet 1.10.16-20110616
"Opera 23.0.1522.60" = Opera Stable 23.0.1522.60
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.7.2014 2:17:46 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 1.8.2014 2:15:18 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 1.8.2014 22:46:24 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 2:32:41 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 12:55:54 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 14:15:08 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 17:56:21 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 18:35:46 | Computer Name = MaPa | Source = Application Hang | ID = 1002
Description = Program IEXPLORE.EXE verze 11.0.9600.17207 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 17e0 Čas spuštění: 01cfaea21213a3ac Čas ukončení: 15 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\IEXPLORE.EXE ID hlášení:
Error - 3.8.2014 2:22:05 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 3.8.2014 2:57:48 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 22.3.2012 13:46:01 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 18:46:01 - Chyba při připojování k Internetu 18:46:01 - Nelze kontaktovat
server..
Error - 22.3.2012 13:48:25 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 18:48:18 - Chyba při připojování k Internetu 18:48:18 - Nelze kontaktovat
server..
Error - 2.6.2012 7:57:12 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 13:57:12 - Chyba při připojování k Internetu 13:57:12 - Nelze kontaktovat
server..
Error - 2.6.2012 7:57:48 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 13:57:41 - Chyba při připojování k Internetu 13:57:41 - Nelze kontaktovat
server..
Error - 7.7.2012 5:55:26 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:55:26 - Načtení položky Directory se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 5:56:52 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:56:52 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 7.7.2012 5:59:21 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:59:00 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 6:02:42 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:01:01 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 6:03:07 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:03:03 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 7.7.2012 6:03:45 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:03:44 - Chyba při připojování k Internetu 12:03:44 - Nelze kontaktovat
server..
[ System Events ]
Error - 30.6.2014 3:15:40 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 30.6.2014 6:49:45 | Computer Name = MaPa | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby IKEEXT bylo dosaženo časového
limitu (30000 ms).
Error - 7.7.2014 16:58:01 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 13.7.2014 14:11:58 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 17.7.2014 14:10:32 | Computer Name = MaPa | Source = Service Control Manager | ID = 7023
Description = Služba Instalační služba modulů systému Windows byla ukončena s následující
chybou: %%16405
Error - 26.7.2014 13:41:15 | Computer Name = MaPa | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 29.7.2014 2:46:00 | Computer Name = MaPa | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:38:22, ?29.?7.?2014) bylo neočekávané.
Error - 29.7.2014 2:46:27 | Computer Name = MaPa | Source = BugCheck | ID = 1001
Description =
Error - 29.7.2014 3:17:56 | Computer Name = MaPa | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:15:50, ?29.?7.?2014) bylo neočekávané.
Error - 31.7.2014 16:38:58 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcelka a Pavlíček\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,79% Memory free
7,89 Gb Paging File | 6,09 Gb Available in Paging File | 77,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 654,69 Gb Total Space | 541,40 Gb Free Space | 82,70% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 19,30 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Computer Name: MAPA | User Name: Marcelka a Pavlíček | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotosvet TETA] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA.exe" "%1" ()
Directory [Fotosvet TETA 3] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA 3.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotosvet TETA] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA.exe" "%1" ()
Directory [Fotosvet TETA 3] -- "C:\Program Files (x86)\Teta\Fotosvet TETA 3\Fotosvet TETA 3.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04648E2B-ED73-4D33-91E1-4E5FEC935395}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15D3DF23-964F-4EB7-8CC3-CA58DCAAA5CB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1D3BEA51-32C9-4AA3-A079-2A81F3464076}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{243CA3AC-1EA6-4D6E-B658-D4EFCCFFC3F8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CE1AB27-3C26-4EFB-A6AA-8556CABE8D98}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{50E6FCD7-AB27-491D-82B7-76B1309E3FCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56513480-1D3F-4DA1-AB40-BF16322C1D9F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DFD5C6A-B1F2-4840-91DB-B104E98558C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{64608435-E205-4925-8D36-9B000B843948}" = lport=445 | protocol=6 | dir=in | app=system |
"{6CCC28D2-280F-4CB0-BBDE-BF64F82523A5}" = rport=137 | protocol=17 | dir=out | app=system |
"{6CE2A3E3-5F11-4DB9-B2D3-0B8BC069C49F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CE765D0-A0A4-49B2-8FC2-D63B1CFC5168}" = lport=10243 | protocol=6 | dir=in | app=system |
"{84913CCB-71C8-4002-980A-D9E366683BF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{87D777E0-C369-4064-9E12-B56EEFFBBD7E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B56768A-D327-47A7-B501-F28F2B1AC86F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8D3E82C0-2D31-439C-8401-46893BC16F7D}" = rport=139 | protocol=6 | dir=out | app=system |
"{8FEF6CB9-BFC4-4CA8-8FF0-5F5C0BBAE797}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{98955155-4920-41E4-B59C-64837DECCD3D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB190AB9-267A-4ECA-B233-4404363C85E6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AF2C0815-0AC1-4610-8D12-24FE3E0AB563}" = lport=138 | protocol=17 | dir=in | app=system |
"{EE10E2AC-75F7-4DBE-943D-980747EFE3A1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFE8F482-4FE7-497E-A74F-A006AE78ECED}" = lport=137 | protocol=17 | dir=in | app=system |
"{F28095DA-D4F4-4536-B018-6483B4797E75}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14BC4A82-FA47-4BBE-996A-D4A4BAA313D5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1708D8B6-4130-473F-93FC-58C78E89CAF4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1B2CEA21-5108-4C81-B74D-2909FB80B813}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{28B7F1B6-F1A5-4F89-B159-66AF77CD6AFD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2B020A36-48B4-42D9-8629-94177DC3D08E}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2EF08E3B-22D4-4D77-BFB8-41FE89FE7A8A}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"{3445F5B9-3AF6-4F98-9FD8-23ED900CEC4A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{3E2133BA-D631-422D-933F-64DE975F2EB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40574E5F-79FC-41FA-9E9F-8EA613132205}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4D05FF78-F83A-4E3B-9D4B-8D6D6446621E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E27599D-F544-4667-84CE-19F16310339F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{5E9953AB-DEF6-4CAE-9C3B-1C97B5B85CA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6177C95F-BC16-43EB-A465-B59729E0CFEB}" = protocol=6 | dir=out | app=system |
"{654AEABB-ACFF-4C5C-98CB-A3AEDDE9CFE7}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{6E94AB88-63CA-46EE-A7BA-32F794E8AE9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{703CED96-B015-4E3F-A516-A7D032B2850B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{765ABC2A-605A-41B4-9B59-B64B3B8B7044}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79A46067-60B8-4B7C-9D8A-32C6B8CE59BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{87806A3D-9C6A-4406-808B-DB6C93C1D3E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\paolov5\source sdk base 2007\hl2.exe |
"{8987ADA2-FA6E-4935-AE41-9C9557C6CAAB}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\rescue.exe |
"{9AECD037-7484-4DC4-8723-20D4F3C3A7C0}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"{A858A7A6-2CAB-4814-95A2-705325BC5FBA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{BA07777E-00DB-4868-B213-20D201C7D0A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BAB3BFB4-E28E-48AB-B56B-29A82C372C6B}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{BF4AF840-52D1-463C-8774-173C4F2BF103}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BF863429-AC35-429B-9AD6-95833312473A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C2D66A05-57CA-48B4-9E19-B652CF1BA61E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5C108A5-226F-4C6F-9749-EEEB8AC10495}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D14D0142-F521-4952-8F1A-4F3B5530F271}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D93A7C08-EDEB-4770-BCF8-2BA49893AFA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DE6EFFF5-E02A-472D-9B73-D97FE8D9E886}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{E4863F3B-0925-4691-81C4-10F5CDDCC0DF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E4C9D09A-B1F0-4EA0-A017-F101540D15CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\paolov5\source sdk base 2007\hl2.exe |
"{EAA46445-09A0-41B4-8B96-69FDA74EB62A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F62AD627-D46C-4F32-AD48-B3861AC90412}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{FD1FEB4B-B5CB-4F3E-88AA-3F9841597096}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{FE32F80A-D219-4DA8-90C9-5C8BB3740FF0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF158293-FF13-4B81-A00C-CD4E7F3512C8}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\rescue.exe |
"TCP Query User{0E03ED57-892D-4437-9E86-2BA88B00E904}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"TCP Query User{1704534E-0E5C-4104-B5AE-7D3019E761B7}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{365753C7-27D7-4A68-9360-6B6B099001D4}C:\program files (x86)\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\bin\javaw.exe |
"TCP Query User{3D181D12-DA58-4BC1-9D0D-ED079F3474D8}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{45123AB6-D2C9-4435-83AC-FB18B1E84301}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=6 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"TCP Query User{550AEAD3-4A9F-4F40-831A-04EB42F28F08}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"TCP Query User{947660C0-3C60-42AC-B6DB-00E0D9CC9BCA}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"TCP Query User{993E5E60-5CF2-4706-B32E-2C4B4A393429}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{E2F35B0B-501B-4C29-9B9B-8DBE40783FA3}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{0E089E3B-0C4A-457A-A422-0166175E43F3}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe |
"UDP Query User{1916B735-3E32-451D-8789-A49AA6F35084}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{29F88D59-3C07-49FE-A8ED-7B651AFE95D3}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{2AADC7CD-8733-4617-B2C4-D8BABE063953}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe |
"UDP Query User{4D261ACF-6952-4B09-BBD6-EB7FDBD98FD7}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\launch4j-tmp\frd.exe |
"UDP Query User{6A2D43A6-0EDB-4448-B92E-F2D0F64501C2}C:\program files (x86)\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\bin\javaw.exe |
"UDP Query User{88B52497-A163-4933-AE96-B1E3DC8D8B8B}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
"UDP Query User{B2CA9413-4925-4A03-9859-E78533B18C14}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{FDB9066B-ED1F-47E7-BEFE-B66AEAB1C312}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe" = protocol=17 | dir=in | app=c:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2A21DA0C-F50D-DF54-70AD-C0826158FBF2}" = ccc-utility64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3DCF00F5-04A5-4543-A088-705480811201}_is1" = Compiled Driver Disk (Sony Ericsson) 1.0
"{3DCF00F5-04A5-4543-A088-705480811205}_is1" = Compiled Driver Disk (Nokia) 1.0
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6502B973-9DB9-683F-2BE3-4B83F54F78FF}" = WMV9/VC-1 Video Playback
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1" = Phone Drivers Downloader 1.1
"{C3E6E2B5-DEB5-235A-4999-4D424C11788B}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"ATI Uninstaller" = ATI Uninstaller
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"MediaInfo" = MediaInfo 0.7.64
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0389A677-241F-6EEC-54B0-2D07F620776E}" = Catalyst Control Center Localization All
"{03D98FB6-0E27-5614-864A-961248BD89E8}" = CCC Help Danish
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11178BF5-D5F0-4749-ACE4-EF46ADB38D65}" = ASUS RT-N10 Wireless Router Utilities
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{19555808-AF6B-9E99-366C-A2D8C6FB3D07}" = CCC Help English
"{19643FA2-3DDD-1C05-A474-E4FB28638F65}" = Catalyst Control Center InstallProxy
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{26A24AE4-039D-4CA4-87B4-2F83218011FF}" = Java 8 Update 11
"{271B24E3-1505-B13A-BF3E-282CF0C54B68}" = PX Profile Update
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29172463-C766-9812-F399-82380F03761A}" = CCC Help Korean
"{2E6D4F14-C94C-758B-46E4-9AD21852108F}" = CCC Help Portuguese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3DBFE2A1-945C-9F14-17F6-1F74CB4F82A5}" = CCC Help Japanese
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4504861F-2770-D8F2-F0B1-B723FADF315F}" = CCC Help Polish
"{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1" = MOBILedit! ver. 6.1.1.1806
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50210E48-FB67-0045-3853-C3FBEB470127}" = CCC Help French
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{5035C1F3-6147-3C83-3C39-37B6DBDAC163}" = CCC Help Thai
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F1DD61A-0C22-E924-3A81-DFFCC14A5A97}" = CCC Help Russian
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A2BF2A-E7E5-BA48-7525-02BD5B7425C7}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{744C5097-94C7-DE34-5B1F-43EDFDBD5E35}" = CCC Help Dutch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{795062B9-1B7A-7ACA-1C7D-7B3D61F4116A}" = ccc-core-static
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D5B0DA2-9AAE-3ADF-B692-685EA3DC64C6}" = CCC Help Italian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CC173F3-DBEC-ED42-68EF-49BCB95FC49F}" = CCC Help Swedish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F84662D-9C1E-4B01-83CE-1097B8D34471}" = ASUS Wireless Router RT-G32 Utilities v1.0.12.0(EU)
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-003F-0405-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96A84750-A54D-C7C3-44AA-5C28C36C5640}" = CCC Help German
"{96B17AEC-9C54-0969-5613-4C9B33BFEAFF}" = CCC Help Chinese Traditional
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B92B20A-6A19-428F-8BD0-52DF859B1C61}" = Adobe Shockwave Player 11.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E1751DF-188D-591B-3887-1825F597007A}" = CCC Help Spanish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A44B2324-CB46-A9F9-7FDC-7FD087AEC7FC}" = Catalyst Control Center Profiles Mobile
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1" = Kingo Android ROOT version 1.1.8.1835
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B34E1065-711C-7B9E-C77D-9E071DAAFC31}" = CCC Help Finnish
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BA0F92C2-2012-0AF0-A2CE-62E220A0AF06}" = CCC Help Hungarian
"{BCFC4789-7C5E-B050-CBB1-8C6CA46990A8}" = CCC Help Greek
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCB6DF61-A144-02B4-EDC7-D7478AF7B27D}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3B6562-0A58-49E0-836F-B895F3985958}" = Software602 Form Filler
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E7FC3EAE-C6D8-92D1-B065-29DECFD5A8E7}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F8B2AA7F-956F-D943-F1C0-42843041B108}" = CCC Help Czech
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC2C6FBD-01DC-36D8-5F4B-7033B00C9963}" = CCC Help Turkish
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"avast" = avast! Free Antivirus
"CameraWindowDC" = Canon Utilities CameraWindow DC 8
"FormatFactory" = FormatFactory 3.1.1
"Fotosvet TETA" = Fotosvet TETA
"Fotosvet TETA 3" = Fotosvet TETA 3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NirSoft WirelessNetView" = NirSoft WirelessNetView
"Nokia Suite" = Nokia Suite
"NSS" = NSS (remove only)
"Pdf995" = Pdf995
"PhotoStitch" = Canon Utilities PhotoStitch
"TapinRadio_is1" = TapinRadio 1.58.2
"TeamViewer 9" = TeamViewer 9
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Totalcmd" = Total Commander (Remove or Repair)
"VeriFace" = VeriFace
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"69f070f18ade444c" = SDÍLEJ.CZ Manager
"Gnumeric" = Gnumeric Spreadsheet 1.10.16-20110616
"Opera 23.0.1522.60" = Opera Stable 23.0.1522.60
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.7.2014 2:17:46 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 1.8.2014 2:15:18 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 1.8.2014 22:46:24 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 2:32:41 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 12:55:54 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 14:15:08 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 17:56:21 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 2.8.2014 18:35:46 | Computer Name = MaPa | Source = Application Hang | ID = 1002
Description = Program IEXPLORE.EXE verze 11.0.9600.17207 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 17e0 Čas spuštění: 01cfaea21213a3ac Čas ukončení: 15 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\IEXPLORE.EXE ID hlášení:
Error - 3.8.2014 2:22:05 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
Error - 3.8.2014 2:57:48 | Computer Name = MaPa | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 22.3.2012 13:46:01 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 18:46:01 - Chyba při připojování k Internetu 18:46:01 - Nelze kontaktovat
server..
Error - 22.3.2012 13:48:25 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 18:48:18 - Chyba při připojování k Internetu 18:48:18 - Nelze kontaktovat
server..
Error - 2.6.2012 7:57:12 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 13:57:12 - Chyba při připojování k Internetu 13:57:12 - Nelze kontaktovat
server..
Error - 2.6.2012 7:57:48 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 13:57:41 - Chyba při připojování k Internetu 13:57:41 - Nelze kontaktovat
server..
Error - 7.7.2012 5:55:26 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:55:26 - Načtení položky Directory se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 5:56:52 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:56:52 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 7.7.2012 5:59:21 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 11:59:00 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 6:02:42 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:01:01 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Platnost
operace vypršela.)
Error - 7.7.2012 6:03:07 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:03:03 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)
Error - 7.7.2012 6:03:45 | Computer Name = MaPa | Source = MCUpdate | ID = 0
Description = 12:03:44 - Chyba při připojování k Internetu 12:03:44 - Nelze kontaktovat
server..
[ System Events ]
Error - 30.6.2014 3:15:40 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 30.6.2014 6:49:45 | Computer Name = MaPa | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby IKEEXT bylo dosaženo časového
limitu (30000 ms).
Error - 7.7.2014 16:58:01 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 13.7.2014 14:11:58 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
Error - 17.7.2014 14:10:32 | Computer Name = MaPa | Source = Service Control Manager | ID = 7023
Description = Služba Instalační služba modulů systému Windows byla ukončena s následující
chybou: %%16405
Error - 26.7.2014 13:41:15 | Computer Name = MaPa | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error - 29.7.2014 2:46:00 | Computer Name = MaPa | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:38:22, ?29.?7.?2014) bylo neočekávané.
Error - 29.7.2014 2:46:27 | Computer Name = MaPa | Source = BugCheck | ID = 1001
Description =
Error - 29.7.2014 3:17:56 | Computer Name = MaPa | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:15:50, ?29.?7.?2014) bylo neočekávané.
Error - 31.7.2014 16:38:58 | Computer Name = MaPa | Source = DCOM | ID = 10010
Description =
< End of report >
Re: Prosím o kontrolu - velké vytížený procesoru.
OTL logfile created on: 3.8.2014 9:35:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcelka a Pavlíček\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,79% Memory free
7,89 Gb Paging File | 6,09 Gb Available in Paging File | 77,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 654,69 Gb Total Space | 541,40 Gb Free Space | 82,70% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 19,30 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Computer Name: MAPA | User Name: Marcelka a Pavlíček | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.08.03 09:34:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
PRC - [2014.07.31 21:57:41 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.30 08:37:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.07.10 20:04:03 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
PRC - [2014.07.05 09:57:21 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.07.02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011.02.18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.02.18 10:20:50 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.29 01:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2014.07.30 08:37:18 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.07.10 20:04:03 | 017,029,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014.07.05 09:57:23 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.05 09:57:22 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014.05.15 09:36:44 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\562bdd62e51e3eaac4e7c3c30fc6a200\IAStorUtil.ni.dll
MOD - [2014.05.15 09:24:00 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.02.12 21:55:34 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ad6e1822cef18d4543465d225d4f6cb6\IAStorCommon.ni.dll
MOD - [2014.02.12 17:57:44 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.12 17:57:38 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.12 17:57:27 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.02.12 17:57:22 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.12 17:57:19 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.12 17:57:18 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.12 17:57:13 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.07.08 14:43:52 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.07.05 09:57:21 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.03.25 04:53:28 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.14 20:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.09.22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.07.30 08:37:19 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.10 20:04:03 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2011.02.18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.07.05 09:57:39 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.05 09:57:26 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.05 09:57:26 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.05 09:57:26 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.05 09:57:26 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.05 09:57:26 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.05 09:57:26 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.07.05 09:57:25 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.11.01 16:10:16 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2012.11.09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.11.09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.11 18:13:56 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.08 09:30:51 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011.10.08 09:30:49 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011.10.08 09:28:16 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011.10.08 09:28:16 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011.10.08 00:33:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.08 00:33:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.19 02:38:42 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.04.08 03:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.26 00:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.25 12:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.25 07:34:40 | 008,284,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.25 04:17:36 | 000,296,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.29 01:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.01.18 10:24:04 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdm.sys -- (s125mdm)
DRV:64bit: - [2011.01.18 10:24:04 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2011.01.18 10:24:04 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125bus.sys -- (s125bus)
DRV:64bit: - [2011.01.18 10:24:04 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV:64bit: - [2011.01.18 10:24:04 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2011.01.18 10:24:02 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mgmt.sys -- (s125mgmt)
DRV:64bit: - [2011.01.18 10:24:02 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2011.01.18 10:24:02 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125obex.sys -- (s125obex)
DRV:64bit: - [2011.01.18 10:24:02 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2011.01.18 10:24:02 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdfl.sys -- (s125mdfl)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.12.15 05:13:31 | 000,349,224 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010.12.15 05:13:09 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.12.15 05:13:08 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.12.15 05:13:07 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.12.15 05:13:06 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.12.10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.10.21 08:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.30 10:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.05.19 19:00:26 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010.03.12 19:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2000.01.01 02:00:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV - [2010.05.19 19:00:26 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes,DefaultScope = {64B2F7E8-7D67-42D5-B1DF-59DA9E1FB056}
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{64B2F7E8-7D67-42D5-B1DF-59DA9E1FB056}: "URL" = http://www.google.cz/search?q={searchTe ... Page}&rlz=
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{BD93D509-1DEC-4E52-A26D-59A89958BDCF}: "URL" = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.05 09:57:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.05.21 16:08:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.30 08:37:05 | 000,000,000 | ---D | M]
[2013.01.01 14:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Extensions
[2014.07.17 15:38:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\extensions
[2014.06.15 01:52:42 | 000,180,750 | ---- | M] () (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2010.12.22 20:54:36 | 000,002,214 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\zbocz.xml
[2014.07.30 08:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.07.30 08:37:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.07.05 09:57:27 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2012.11.23 19:13:49 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O15 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} http://90.182.35.27/webviewer.cab (GTileContainerCtl Class)
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Len ... etect2.cab (IASRunner Class)
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} http://90.182.35.27/GVersionMan.cab (GVersionManager Class)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 84.16.120.1 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9379095-AC24-4005-89BC-8AD12AACB099}: DhcpNameServer = 192.168.2.1 84.16.120.1 84.16.96.2
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1a6ff723-2426-11e1-aeab-9439e5945889}\Shell - "" = AutoRun
O33 - MountPoints2\{1a6ff723-2426-11e1-aeab-9439e5945889}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.08.03 09:34:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
[2014.08.03 08:26:08 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014.08.03 08:26:08 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014.08.03 08:26:08 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014.08.03 08:25:56 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014.08.03 08:25:56 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2014.08.03 08:25:56 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014.08.03 08:25:56 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2014.08.03 08:25:56 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014.08.03 08:25:56 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2014.08.03 08:25:43 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014.08.03 08:25:43 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014.08.03 08:25:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014.08.03 08:25:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014.08.02 18:48:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.01 21:53:08 | 000,000,000 | ---D | C] -- C:\rsit
[2014.07.30 08:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.17 20:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.07.17 20:52:08 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014.07.17 20:52:02 | 000,176,552 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014.07.17 20:52:02 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014.07.17 20:52:02 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014.07.16 22:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.07.09 08:52:18 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.07.09 08:52:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014.07.09 08:52:12 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014.07.09 08:52:12 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014.07.09 08:52:11 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014.07.09 08:52:11 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014.07.09 08:52:08 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014.07.09 08:52:05 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.07.09 08:52:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.07.09 08:52:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.07.09 08:52:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.07.09 08:52:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.07.09 08:52:04 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.07.09 08:52:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.07.09 08:52:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.07.09 08:52:03 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.07.09 08:52:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.07.09 08:52:02 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.07.09 08:52:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.07.09 08:52:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.07.09 08:52:01 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.07.09 08:52:01 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.07.09 08:52:01 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.07.09 08:52:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.07.09 08:52:00 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.07.09 08:51:59 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.07.09 08:51:59 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.07.09 08:51:59 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.07.09 08:51:58 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.07.09 08:51:58 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.07.09 08:51:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.07.09 08:51:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.07.09 08:51:57 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.07.09 08:51:57 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.07.09 08:51:57 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.07.09 08:51:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.07.09 08:51:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.07.09 08:51:56 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.07.09 08:51:56 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.07.09 08:51:56 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.07.09 08:51:56 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.07.09 08:51:55 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.07.09 08:51:05 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014.07.05 09:57:24 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[90 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.08.03 09:38:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.03 09:34:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
[2014.08.03 09:04:34 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.08.03 09:04:34 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.08.03 09:03:06 | 001,584,626 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.08.03 09:03:06 | 000,670,924 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.08.03 09:03:06 | 000,655,038 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.08.03 09:03:06 | 000,142,504 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.08.03 09:03:06 | 000,122,910 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.08.03 08:58:35 | 000,304,337 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2014.08.03 08:56:30 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2014.08.03 08:56:08 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2014.08.03 08:56:01 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.03 08:52:05 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014.08.02 22:29:26 | 000,001,120 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.07.30 14:12:20 | 000,000,843 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\.recently-used.xbel
[2014.07.29 08:45:58 | 462,653,218 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014.07.27 20:42:01 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.07.27 20:41:25 | 000,030,076 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140422_141651.reg
[2014.07.18 12:51:48 | 260,182,779 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E05_První_svého_jména_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,662,786 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E07_Drozd_CZ_Dabing.avi.part1
[2014.07.17 23:01:23 | 003,116,729 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E08_Hora_a_zmije_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,020,361 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E06_Zákony_bohů_a_lidí_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,018,914 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E09_Strážci_na_Zdi_CZ_Dabing.avi.part1
[2014.07.17 23:01:23 | 002,950,866 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E10_Děti_CZ_Titulky.avi.part1
[2014.07.17 20:51:56 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014.07.17 20:51:55 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014.07.17 20:51:55 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014.07.17 20:51:55 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014.07.13 18:23:03 | 000,001,008 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140508_001654.reg
[2014.07.10 20:04:03 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.07.10 20:04:03 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.09 17:19:59 | 000,292,416 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014.07.06 20:59:44 | 000,000,162 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140706_205942.reg
[2014.07.05 09:57:44 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.07.05 09:57:39 | 000,427,360 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014.07.05 09:57:26 | 001,041,168 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014.07.05 09:57:26 | 000,307,344 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014.07.05 09:57:26 | 000,224,896 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014.07.05 09:57:26 | 000,092,008 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014.07.05 09:57:26 | 000,079,184 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014.07.05 09:57:26 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014.07.05 09:57:26 | 000,029,208 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014.07.05 09:57:25 | 000,093,568 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014.07.05 09:57:24 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[90 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.08.03 09:38:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.30 14:12:20 | 000,000,843 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\.recently-used.xbel
[2014.07.29 08:45:58 | 462,653,218 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014.07.17 21:36:09 | 003,020,361 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E06_Zákony_bohů_a_lidí_CZ_Titulky.avi.part1
[2014.07.17 21:36:09 | 002,950,866 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E10_Děti_CZ_Titulky.avi.part1
[2014.07.17 21:36:08 | 003,116,729 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E08_Hora_a_zmije_CZ_Titulky.avi.part1
[2014.07.17 21:36:07 | 003,662,786 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E07_Drozd_CZ_Dabing.avi.part1
[2014.07.17 21:36:07 | 003,018,914 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E09_Strážci_na_Zdi_CZ_Dabing.avi.part1
[2014.07.17 21:36:06 | 260,182,779 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E05_První_svého_jména_CZ_Titulky.avi.part1
[2014.07.06 20:59:44 | 000,000,162 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140706_205942.reg
[2014.07.05 09:57:44 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.28 23:47:25 | 000,001,120 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.02.28 23:47:17 | 000,000,534 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
[2013.05.21 15:30:15 | 000,000,059 | ---- | C] () -- C:\windows\wpd99.drv
[2013.05.21 15:30:13 | 000,040,448 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012.10.09 11:46:18 | 000,000,095 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012.10.09 11:46:06 | 000,000,089 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2012.07.11 15:25:40 | 000,015,872 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.13 00:15:53 | 000,007,603 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\Resmon.ResmonCfg
[2011.11.27 00:41:19 | 000,024,143 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.err
[2011.11.26 23:47:25 | 000,001,160 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.nast
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcelka a Pavlíček\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,95 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,79% Memory free
7,89 Gb Paging File | 6,09 Gb Available in Paging File | 77,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 654,69 Gb Total Space | 541,40 Gb Free Space | 82,70% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 19,30 Gb Free Space | 66,56% Space Free | Partition Type: NTFS
Computer Name: MAPA | User Name: Marcelka a Pavlíček | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.08.03 09:34:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
PRC - [2014.07.31 21:57:41 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.30 08:37:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.07.10 20:04:03 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
PRC - [2014.07.05 09:57:21 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.07.02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011.02.18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.02.18 10:20:50 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.29 01:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 03:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
========== Modules (No Company Name) ==========
MOD - [2014.07.30 08:37:18 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.07.10 20:04:03 | 017,029,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014.07.05 09:57:23 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.05 09:57:22 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014.05.15 09:36:44 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\562bdd62e51e3eaac4e7c3c30fc6a200\IAStorUtil.ni.dll
MOD - [2014.05.15 09:24:00 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.02.12 21:55:34 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ad6e1822cef18d4543465d225d4f6cb6\IAStorCommon.ni.dll
MOD - [2014.02.12 17:57:44 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.12 17:57:38 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.12 17:57:27 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.02.12 17:57:22 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.12 17:57:19 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.12 17:57:18 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.12 17:57:13 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.07.08 14:43:52 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.07.05 09:57:21 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.03.25 04:53:28 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.14 20:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.09.22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.07.30 08:37:19 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.10 20:04:03 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2011.02.18 10:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.12.21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.07.05 09:57:39 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.05 09:57:26 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.05 09:57:26 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.05 09:57:26 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.05 09:57:26 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.05 09:57:26 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.05 09:57:26 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.07.05 09:57:25 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.11.01 16:10:16 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2012.11.09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.11.09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.11 18:13:56 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.08 09:30:51 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011.10.08 09:30:49 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011.10.08 09:28:16 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011.10.08 09:28:16 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011.10.08 00:33:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.08 00:33:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.19 02:38:42 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.04.08 03:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.26 00:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.25 12:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.25 07:34:40 | 008,284,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.25 04:17:36 | 000,296,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.29 01:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.01.18 10:24:04 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdm.sys -- (s125mdm)
DRV:64bit: - [2011.01.18 10:24:04 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2011.01.18 10:24:04 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125bus.sys -- (s125bus)
DRV:64bit: - [2011.01.18 10:24:04 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV:64bit: - [2011.01.18 10:24:04 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2011.01.18 10:24:02 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mgmt.sys -- (s125mgmt)
DRV:64bit: - [2011.01.18 10:24:02 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2011.01.18 10:24:02 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125obex.sys -- (s125obex)
DRV:64bit: - [2011.01.18 10:24:02 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2011.01.18 10:24:02 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s125mdfl.sys -- (s125mdfl)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.12.15 05:13:31 | 000,349,224 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010.12.15 05:13:09 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.12.15 05:13:08 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.12.15 05:13:07 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.12.15 05:13:06 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.12.10 07:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 07:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 13:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:26 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010.11.20 13:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.10.21 08:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.30 10:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.05.19 19:00:26 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2010.03.12 19:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2000.01.01 02:00:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV - [2010.05.19 19:00:26 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes,DefaultScope = {64B2F7E8-7D67-42D5-B1DF-59DA9E1FB056}
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{64B2F7E8-7D67-42D5-B1DF-59DA9E1FB056}: "URL" = http://www.google.cz/search?q={searchTe ... Page}&rlz=
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{BD93D509-1DEC-4E52-A26D-59A89958BDCF}: "URL" = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.05 09:57:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.05.21 16:08:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.30 08:37:05 | 000,000,000 | ---D | M]
[2013.01.01 14:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Extensions
[2014.07.17 15:38:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\extensions
[2014.06.15 01:52:42 | 000,180,750 | ---- | M] () (No name found) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2010.12.22 20:54:36 | 000,002,214 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\zbocz.xml
[2014.07.30 08:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.07.30 08:37:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.07.05 09:57:27 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2012.11.23 19:13:49 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O15 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} http://90.182.35.27/webviewer.cab (GTileContainerCtl Class)
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Len ... etect2.cab (IASRunner Class)
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} http://90.182.35.27/GVersionMan.cab (GVersionManager Class)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 84.16.120.1 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9379095-AC24-4005-89BC-8AD12AACB099}: DhcpNameServer = 192.168.2.1 84.16.120.1 84.16.96.2
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1a6ff723-2426-11e1-aeab-9439e5945889}\Shell - "" = AutoRun
O33 - MountPoints2\{1a6ff723-2426-11e1-aeab-9439e5945889}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.08.03 09:34:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
[2014.08.03 08:26:08 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014.08.03 08:26:08 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014.08.03 08:26:08 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014.08.03 08:25:56 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014.08.03 08:25:56 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2014.08.03 08:25:56 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014.08.03 08:25:56 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2014.08.03 08:25:56 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014.08.03 08:25:56 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2014.08.03 08:25:43 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014.08.03 08:25:43 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014.08.03 08:25:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014.08.03 08:25:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014.08.02 18:48:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.01 21:53:08 | 000,000,000 | ---D | C] -- C:\rsit
[2014.07.30 08:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.17 20:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.07.17 20:52:08 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014.07.17 20:52:02 | 000,176,552 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014.07.17 20:52:02 | 000,176,040 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014.07.17 20:52:02 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014.07.16 22:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.07.09 08:52:18 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.07.09 08:52:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014.07.09 08:52:12 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014.07.09 08:52:12 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014.07.09 08:52:11 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014.07.09 08:52:11 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014.07.09 08:52:08 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014.07.09 08:52:05 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.07.09 08:52:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.07.09 08:52:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.07.09 08:52:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.07.09 08:52:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.07.09 08:52:04 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.07.09 08:52:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.07.09 08:52:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.07.09 08:52:03 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.07.09 08:52:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.07.09 08:52:02 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.07.09 08:52:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.07.09 08:52:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.07.09 08:52:01 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.07.09 08:52:01 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.07.09 08:52:01 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.07.09 08:52:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.07.09 08:52:00 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.07.09 08:51:59 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.07.09 08:51:59 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.07.09 08:51:59 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.07.09 08:51:58 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.07.09 08:51:58 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.07.09 08:51:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.07.09 08:51:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.07.09 08:51:57 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.07.09 08:51:57 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.07.09 08:51:57 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.07.09 08:51:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.07.09 08:51:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.07.09 08:51:56 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.07.09 08:51:56 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.07.09 08:51:56 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.07.09 08:51:56 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.07.09 08:51:55 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.07.09 08:51:05 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014.07.05 09:57:24 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[90 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.08.03 09:38:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.03 09:34:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcelka a Pavlíček\Desktop\OTL.exe
[2014.08.03 09:04:34 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.08.03 09:04:34 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.08.03 09:03:06 | 001,584,626 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.08.03 09:03:06 | 000,670,924 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.08.03 09:03:06 | 000,655,038 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.08.03 09:03:06 | 000,142,504 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.08.03 09:03:06 | 000,122,910 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.08.03 08:58:35 | 000,304,337 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2014.08.03 08:56:30 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2014.08.03 08:56:08 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2014.08.03 08:56:01 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.03 08:52:05 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014.08.02 22:29:26 | 000,001,120 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.07.30 14:12:20 | 000,000,843 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\.recently-used.xbel
[2014.07.29 08:45:58 | 462,653,218 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014.07.27 20:42:01 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.07.27 20:41:25 | 000,030,076 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140422_141651.reg
[2014.07.18 12:51:48 | 260,182,779 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E05_První_svého_jména_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,662,786 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E07_Drozd_CZ_Dabing.avi.part1
[2014.07.17 23:01:23 | 003,116,729 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E08_Hora_a_zmije_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,020,361 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E06_Zákony_bohů_a_lidí_CZ_Titulky.avi.part1
[2014.07.17 23:01:23 | 003,018,914 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E09_Strážci_na_Zdi_CZ_Dabing.avi.part1
[2014.07.17 23:01:23 | 002,950,866 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E10_Děti_CZ_Titulky.avi.part1
[2014.07.17 20:51:56 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014.07.17 20:51:55 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014.07.17 20:51:55 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014.07.17 20:51:55 | 000,176,040 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014.07.13 18:23:03 | 000,001,008 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140508_001654.reg
[2014.07.10 20:04:03 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.07.10 20:04:03 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.09 17:19:59 | 000,292,416 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014.07.06 20:59:44 | 000,000,162 | ---- | M] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140706_205942.reg
[2014.07.05 09:57:44 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.07.05 09:57:39 | 000,427,360 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014.07.05 09:57:26 | 001,041,168 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014.07.05 09:57:26 | 000,307,344 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014.07.05 09:57:26 | 000,224,896 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014.07.05 09:57:26 | 000,092,008 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014.07.05 09:57:26 | 000,079,184 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014.07.05 09:57:26 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014.07.05 09:57:26 | 000,029,208 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014.07.05 09:57:25 | 000,093,568 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014.07.05 09:57:24 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[90 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.08.03 09:38:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.30 14:12:20 | 000,000,843 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\.recently-used.xbel
[2014.07.29 08:45:58 | 462,653,218 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014.07.17 21:36:09 | 003,020,361 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E06_Zákony_bohů_a_lidí_CZ_Titulky.avi.part1
[2014.07.17 21:36:09 | 002,950,866 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E10_Děti_CZ_Titulky.avi.part1
[2014.07.17 21:36:08 | 003,116,729 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E08_Hora_a_zmije_CZ_Titulky.avi.part1
[2014.07.17 21:36:07 | 003,662,786 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E07_Drozd_CZ_Dabing.avi.part1
[2014.07.17 21:36:07 | 003,018,914 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_trůny._Game_of_Thrones.S04E09_Strážci_na_Zdi_CZ_Dabing.avi.part1
[2014.07.17 21:36:06 | 260,182,779 | -H-- | C] () -- C:\Users\Marcelka a Pavlíček\Desktop\Hra_o_truny._Game_of_Thrones.S04E05_První_svého_jména_CZ_Titulky.avi.part1
[2014.07.06 20:59:44 | 000,000,162 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\Documents\cc_20140706_205942.reg
[2014.07.05 09:57:44 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.28 23:47:25 | 000,001,120 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.02.28 23:47:17 | 000,000,534 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
[2013.05.21 15:30:15 | 000,000,059 | ---- | C] () -- C:\windows\wpd99.drv
[2013.05.21 15:30:13 | 000,040,448 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012.10.09 11:46:18 | 000,000,095 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012.10.09 11:46:06 | 000,000,089 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2012.07.11 15:25:40 | 000,015,872 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.13 00:15:53 | 000,007,603 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\Resmon.ResmonCfg
[2011.11.27 00:41:19 | 000,024,143 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.err
[2011.11.26 23:47:25 | 000,001,160 | ---- | C] () -- C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.nast
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
Re: Prosím o kontrolu - velké vytížený procesoru.
========== LOP Check ==========
[2014.08.03 00:30:24 | 000,000,000 | ---D | M] -- C:\Users\Marca a Pavka\AppData\Roaming\AVAST Software
[2014.01.20 00:18:44 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602Installer
[2014.01.19 23:16:32 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602XML
[2012.04.22 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ancestry
[2011.12.04 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ashampoo
[2013.10.23 10:03:39 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVAST Software
[2014.03.05 22:38:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG
[2013.09.23 21:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Canneverbe Limited
[2014.01.11 01:37:38 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Day 1 Studios
[2013.08.11 22:56:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\FTWeak
[2012.11.14 22:54:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\GHISLER
[2014.04.07 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\gtk-2.0
[2013.07.07 14:01:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IrfanView
[2013.08.05 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IsolatedStorage
[2013.12.10 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston
[2014.03.18 23:19:53 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\LSC
[2012.08.03 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MOBILedit
[2013.03.28 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MyHeritage
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia Suite
[2013.11.05 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera
[2013.10.10 21:27:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera Software
[2014.04.21 19:50:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Oracle
[2012.07.11 16:55:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PC Suite
[2013.05.22 21:56:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PDF Architect
[2014.02.14 23:40:14 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdf995
[2013.08.05 00:00:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\RecoveryFix for BKF - Evaluation version
[2013.03.28 23:25:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\SoftGrid Client
[2014.01.17 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Software602
[2012.07.26 23:36:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Sony
[2011.12.07 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TeamViewer
[2013.03.27 17:00:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011.11.23 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TP
[2012.03.04 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Trillian
[2013.04.06 23:07:50 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft
[2011.12.04 00:50:48 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinZip
[2011.12.04 21:21:34 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\YouTube HD Transfer
[2014.02.13 02:51:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ZJMedia
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,624 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.10.21 13:35:27 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T202434237396\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T211014632859\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T214720459337\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T215548859105\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T202434237396\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T211014632859\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T214720459337\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T215548859105\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2014.05.30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014.05.30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.10.08 00:29:25 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.10.08 00:29:25 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.10.08 00:31:27 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.10.08 00:31:27 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[90 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[90 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.01.20 00:18:44 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602Installer
[2014.01.19 23:16:32 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602XML
[2014.06.21 15:07:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Adobe
[2012.04.22 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ancestry
[2011.12.04 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ashampoo
[2011.11.22 21:56:19 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ATI
[2013.10.23 10:03:39 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVAST Software
[2014.03.05 22:38:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG
[2013.09.23 21:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Canneverbe Limited
[2011.11.22 22:29:42 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\CyberLink
[2014.01.11 01:37:38 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Day 1 Studios
[2014.07.06 21:05:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\dvdcss
[2013.08.11 22:56:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\FTWeak
[2012.11.14 22:54:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\GHISLER
[2014.05.29 22:51:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Google
[2014.04.07 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\gtk-2.0
[2011.11.22 21:55:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Identities
[2012.02.06 21:51:41 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\InstallShield
[2011.11.22 21:56:26 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Intel Corporation
[2013.07.07 14:01:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IrfanView
[2013.08.05 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IsolatedStorage
[2013.12.10 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston
[2014.03.18 23:19:53 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\LSC
[2011.11.22 22:12:23 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Macromedia
[2011.02.22 13:42:06 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Media Center Programs
[2013.08.18 10:48:26 | 000,000,000 | --SD | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft
[2012.08.03 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MOBILedit
[2013.01.01 14:30:46 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla
[2013.03.28 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MyHeritage
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia Suite
[2013.11.05 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera
[2013.10.10 21:27:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera Software
[2014.04.21 19:50:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Oracle
[2012.07.11 16:55:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PC Suite
[2013.05.22 21:56:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PDF Architect
[2014.02.14 23:40:14 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdf995
[2013.08.05 00:00:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\RecoveryFix for BKF - Evaluation version
[2014.08.03 10:08:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
[2013.03.28 23:25:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\SoftGrid Client
[2014.01.17 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Software602
[2012.07.26 23:36:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Sony
[2011.12.07 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TeamViewer
[2013.03.27 17:00:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011.11.23 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TP
[2012.03.04 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Trillian
[2013.04.06 23:07:50 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft
[2014.07.29 09:31:46 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
[2011.12.10 21:02:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinRAR
[2011.12.04 00:50:48 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinZip
[2011.12.04 21:21:34 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\YouTube HD Transfer
[2014.02.13 02:51:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ZJMedia
< %APPDATA%\*.exe /s >
[2008.09.19 02:19:30 | 000,937,465 | ---- | M] ( ) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTraveler.exe
[2008.09.18 16:32:22 | 001,839,104 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerA.exe
[2008.09.19 02:05:36 | 003,231,744 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerB.exe
[2008.07.18 14:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerDaemon.exe
[2008.09.18 16:32:22 | 001,839,104 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerA.exe
[2008.09.19 02:05:36 | 003,231,744 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerB.exe
[2008.07.18 14:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerDaemon.exe
[2014.01.17 18:41:51 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.08.03 08:58:52 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.05.08 09:51:52 | 021,444,224 | R--- | M] (Skype Technologies S.A.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.03 09:38:14 | 000,000,512 | ---- | M] () MD5=8A4A4528702D7B0F42ACF8A1CC727F2A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.07.04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2014.07.26 20:09:53 | 000,005,592 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2012.09.25 05:39:16 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.05.25 02:47:36 | 000,820,851 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\bin\gdk-pixbuf-query-loaders.exe
[2011.05.25 02:47:40 | 000,004,793 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.05.25 02:47:36 | 001,017,420 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2011.05.25 02:47:38 | 001,030,550 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-bmp.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-emf.dll
[2011.05.25 02:47:38 | 001,030,550 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-gif.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-ico.dll
[2011.05.25 02:47:38 | 001,030,762 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-jpeg.dll
[2011.05.25 02:47:38 | 001,030,552 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-tiff.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-wmf.dll
[2011.05.25 02:47:36 | 001,010,388 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2011.05.25 02:47:38 | 001,010,646 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2011.05.25 02:47:36 | 001,026,305 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2011.05.25 02:47:36 | 001,013,342 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2011.05.25 02:47:38 | 001,010,326 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-qtif.dll
[2011.05.25 02:47:36 | 001,007,671 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2011.05.25 02:47:36 | 001,012,663 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2011.05.25 02:47:36 | 001,007,212 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2011.05.25 02:47:36 | 001,012,659 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2011.05.25 02:47:36 | 001,030,716 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2014.01.10 15:15:26 | 000,067,843 | ---- | M] () -- \Program Files (x86)\Kingo Android ROOT\files\unlock-bootloader.png
[2011.01.29 01:30:38 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2011.01.29 01:29:20 | 000,015,969 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011.01.29 01:29:20 | 000,179,296 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011.01.29 01:29:20 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.09.09 20:18:39 | 018,632,952 | ---- | M] () -- \Program Files (x86)\Sony Media Go Install\PSNDownloaderSetup.exe
[2012.02.06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2012.04.29 09:40:30 | 001,744,896 | ---- | M] () -- \Program Files (x86)\TapinRadio\TapinRadioDownloader.exe
[2013.09.25 10:35:26 | 000,401,920 | ---- | M] () -- \Program Files (x86)\Teta\Fotosvet TETA 3\CWImageLoader0.dll
[2014.07.05 09:57:21 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.05 09:57:21 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2013.12.01 15:09:05 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014.03.18 20:31:19 | 000,000,534 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
[2014.08.02 22:29:26 | 000,001,120 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.02.28 23:36:09 | 000,024,143 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.err
[2014.02.28 23:36:11 | 000,001,160 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.nast
[2014.07.15 10:44:05 | 000,017,912 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD8PRSTX\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.07.15 10:44:05 | 000,001,980 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD8PRSTX\AdLoader[1].htm
[2014.02.18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.02.18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\loader.png
[2014.02.18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.02.18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.02.18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.07.26 20:04:30 | 000,002,193 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Temp\163b3d4a\images\loader.gif
[2014.07.27 14:38:30 | 000,000,817 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows Loader v2.2.2 by Daz.lnk
[2014.07.27 14:37:18 | 000,000,694 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows-Loader-v2.2.2-by-Daz.lnk
[2014.07.31 21:23:03 | 000,000,585 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.1-DAZ (2).lnk
[2014.07.31 21:23:03 | 000,000,933 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.1-DAZ.lnk
[2014.07.31 21:18:46 | 000,003,810 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.2.1-Daz.lnk
[2014.03.10 13:23:02 | 000,001,288 | ---- | M] () -- \Users\Marcelka a Pavlíček\Desktop\MRDownloader – zástupce.lnk
[2014.04.03 23:12:50 | 000,911,360 | ---- | M] () -- \Users\Marcelka a Pavlíček\Downloads\MRDownloader.exe
[2014.08.02 23:12:01 | 000,014,978 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-BB2E4DE4.pf
[2014.08.02 23:12:01 | 000,015,630 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-123116A5.pf
[2014.08.02 21:43:45 | 000,039,266 | ---- | M] () -- \Windows\Prefetch\MRDOWNLOADER.EXE-45630A6C.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[90 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.10.04 14:42:04 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.18 21:17:20 | 000,009,622 | R--- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[90 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.10.04 14:42:04 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.18 21:17:20 | 000,009,622 | R--- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.08 00:17:26 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.10.08 00:17:26 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.10.08 00:17:26 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.10.08 00:17:26 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.10.08 00:17:26 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.08 00:29:39 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.08 00:29:39 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.08 00:29:39 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.08 00:29:39 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.08 00:29:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.10.08 00:13:50 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.10.08 00:29:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.08 00:29:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.26 21:10:32 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.09.27 21:38:03 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\paolov5\source sdk base 2007\bin\dmserializers.dll
[2010.04.14 20:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 20:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 20:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014.05.13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.26 21:11:12 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.07.27 20:38:37 | 000,000,976 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\serial.lnk
[2013.12.05 02:30:06 | 000,000,178 | ---- | M] () -- \Users\Marcelka a Pavlíček\Favorites\Serials.BE Sharing Resource for everyone - serials, serial numbers, serial keys.url
[2011.10.08 00:17:01 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 17:57:45 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 21:56:18 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.12 17:54:54 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 22:00:49 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.02.13 17:09:24 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 17:09:24 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 17:09:34 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.13 17:09:34 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 09:38:09 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.14 09:38:09 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.02.13 21:13:33 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 21:13:33 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 21:14:57 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.02.13 21:14:57 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.02.13 21:17:19 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.13 21:17:19 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:02 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:00 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[90 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[90 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.10.08 00:17:00 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.10.08 00:17:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.10.08 00:17:03 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.10.08 00:29:39 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.08 00:29:39 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.10.08 00:17:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.10.08 00:17:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.10.08 00:29:37 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.08 00:29:37 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.10.08 00:15:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:01 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.10.08 00:17:02 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
[2014.08.03 00:30:24 | 000,000,000 | ---D | M] -- C:\Users\Marca a Pavka\AppData\Roaming\AVAST Software
[2014.01.20 00:18:44 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602Installer
[2014.01.19 23:16:32 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602XML
[2012.04.22 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ancestry
[2011.12.04 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ashampoo
[2013.10.23 10:03:39 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVAST Software
[2014.03.05 22:38:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG
[2013.09.23 21:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Canneverbe Limited
[2014.01.11 01:37:38 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Day 1 Studios
[2013.08.11 22:56:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\FTWeak
[2012.11.14 22:54:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\GHISLER
[2014.04.07 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\gtk-2.0
[2013.07.07 14:01:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IrfanView
[2013.08.05 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IsolatedStorage
[2013.12.10 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston
[2014.03.18 23:19:53 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\LSC
[2012.08.03 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MOBILedit
[2013.03.28 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MyHeritage
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia Suite
[2013.11.05 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera
[2013.10.10 21:27:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera Software
[2014.04.21 19:50:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Oracle
[2012.07.11 16:55:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PC Suite
[2013.05.22 21:56:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PDF Architect
[2014.02.14 23:40:14 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdf995
[2013.08.05 00:00:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\RecoveryFix for BKF - Evaluation version
[2013.03.28 23:25:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\SoftGrid Client
[2014.01.17 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Software602
[2012.07.26 23:36:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Sony
[2011.12.07 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TeamViewer
[2013.03.27 17:00:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011.11.23 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TP
[2012.03.04 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Trillian
[2013.04.06 23:07:50 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft
[2011.12.04 00:50:48 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinZip
[2011.12.04 21:21:34 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\YouTube HD Transfer
[2014.02.13 02:51:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ZJMedia
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,624 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.10.21 13:35:27 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T202434237396\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T211014632859\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T214720459337\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T215548859105\gencdrom\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.10.08 00:31:15 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.10.08 00:31:15 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTOR.SYS >
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T202434237396\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T211014632859\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T214720459337\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\Users\Marcelka a Pavlíček\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120610T215548859105\pci\ven_8086&dev_1c03&cc_0106\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011.02.18 10:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.10.08 00:33:31 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2014.05.30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014.05.30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.10.08 00:33:31 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.10.08 00:33:31 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.10.08 00:29:25 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.10.08 00:29:25 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.10.08 00:31:27 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.10.08 00:31:27 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[90 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[90 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.01.20 00:18:44 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602Installer
[2014.01.19 23:16:32 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\602XML
[2014.06.21 15:07:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Adobe
[2012.04.22 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ancestry
[2011.12.04 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Ashampoo
[2011.11.22 21:56:19 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ATI
[2013.10.23 10:03:39 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVAST Software
[2014.03.05 22:38:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG
[2013.09.23 21:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Canneverbe Limited
[2011.11.22 22:29:42 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\CyberLink
[2014.01.11 01:37:38 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Day 1 Studios
[2014.07.06 21:05:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\dvdcss
[2013.08.11 22:56:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\FTWeak
[2012.11.14 22:54:51 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\GHISLER
[2014.05.29 22:51:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Google
[2014.04.07 21:41:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\gtk-2.0
[2011.11.22 21:55:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Identities
[2012.02.06 21:51:41 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\InstallShield
[2011.11.22 21:56:26 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Intel Corporation
[2013.07.07 14:01:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IrfanView
[2013.08.05 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\IsolatedStorage
[2013.12.10 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston
[2014.03.18 23:19:53 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\LSC
[2011.11.22 22:12:23 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Macromedia
[2011.02.22 13:42:06 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Media Center Programs
[2013.08.18 10:48:26 | 000,000,000 | --SD | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft
[2012.08.03 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MOBILedit
[2013.01.01 14:30:46 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla
[2013.03.28 17:37:31 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\MyHeritage
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia
[2012.07.11 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Nokia Suite
[2013.11.05 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera
[2013.10.10 21:27:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Opera Software
[2014.04.21 19:50:52 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Oracle
[2012.07.11 16:55:10 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PC Suite
[2013.05.22 21:56:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\PDF Architect
[2014.02.14 23:40:14 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\pdf995
[2013.08.05 00:00:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\RecoveryFix for BKF - Evaluation version
[2014.08.03 10:08:27 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
[2013.03.28 23:25:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\SoftGrid Client
[2014.01.17 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Software602
[2012.07.26 23:36:07 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Sony
[2011.12.07 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TeamViewer
[2013.03.27 17:00:49 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011.11.23 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\TP
[2012.03.04 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Trillian
[2013.04.06 23:07:50 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft
[2014.07.29 09:31:46 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
[2011.12.10 21:02:55 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinRAR
[2011.12.04 00:50:48 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\WinZip
[2011.12.04 21:21:34 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\YouTube HD Transfer
[2014.02.13 02:51:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\ZJMedia
< %APPDATA%\*.exe /s >
[2008.09.19 02:19:30 | 000,937,465 | ---- | M] ( ) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTraveler.exe
[2008.09.18 16:32:22 | 001,839,104 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerA.exe
[2008.09.19 02:05:36 | 003,231,744 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerB.exe
[2008.07.18 14:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\SecureTravelerDaemon.exe
[2008.09.18 16:32:22 | 001,839,104 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerA.exe
[2008.09.19 02:05:36 | 003,231,744 | -H-- | M] () -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerB.exe
[2008.07.18 14:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Kingston\tmp\SecureTravelerDaemon.exe
[2014.01.17 18:41:51 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.08.03 08:58:52 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[90 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.05.08 09:51:52 | 021,444,224 | R--- | M] (Skype Technologies S.A.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.03 09:38:14 | 000,000,512 | ---- | M] () MD5=8A4A4528702D7B0F42ACF8A1CC727F2A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.07.04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2014.07.26 20:09:53 | 000,005,592 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2012.09.25 05:39:16 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.05.25 02:47:36 | 000,820,851 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\bin\gdk-pixbuf-query-loaders.exe
[2011.05.25 02:47:40 | 000,004,793 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.05.25 02:47:36 | 001,017,420 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2011.05.25 02:47:38 | 001,030,550 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-bmp.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-emf.dll
[2011.05.25 02:47:38 | 001,030,550 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-gif.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-ico.dll
[2011.05.25 02:47:38 | 001,030,762 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-jpeg.dll
[2011.05.25 02:47:38 | 001,030,552 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-tiff.dll
[2011.05.25 02:47:38 | 001,029,924 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gdip-wmf.dll
[2011.05.25 02:47:36 | 001,010,388 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2011.05.25 02:47:38 | 001,010,646 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2011.05.25 02:47:36 | 001,026,305 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2011.05.25 02:47:36 | 001,013,342 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2011.05.25 02:47:38 | 001,010,326 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-qtif.dll
[2011.05.25 02:47:36 | 001,007,671 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2011.05.25 02:47:36 | 001,012,663 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2011.05.25 02:47:36 | 001,007,212 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2011.05.25 02:47:36 | 001,012,659 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2011.05.25 02:47:36 | 001,030,716 | ---- | M] () -- \Program Files (x86)\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2014.01.10 15:15:26 | 000,067,843 | ---- | M] () -- \Program Files (x86)\Kingo Android ROOT\files\unlock-bootloader.png
[2011.01.29 01:30:38 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2011.01.29 01:29:20 | 000,015,969 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011.01.29 01:29:20 | 000,179,296 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011.01.29 01:29:20 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.09.09 20:18:39 | 018,632,952 | ---- | M] () -- \Program Files (x86)\Sony Media Go Install\PSNDownloaderSetup.exe
[2012.02.06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2012.04.29 09:40:30 | 001,744,896 | ---- | M] () -- \Program Files (x86)\TapinRadio\TapinRadioDownloader.exe
[2013.09.25 10:35:26 | 000,401,920 | ---- | M] () -- \Program Files (x86)\Teta\Fotosvet TETA 3\CWImageLoader0.dll
[2014.07.05 09:57:21 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.05 09:57:21 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2013.12.01 15:09:05 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014.03.18 20:31:19 | 000,000,534 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
[2014.08.02 22:29:26 | 000,001,120 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
[2014.02.28 23:36:09 | 000,024,143 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.err
[2014.02.28 23:36:11 | 000,001,160 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.nast
[2014.07.15 10:44:05 | 000,017,912 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD8PRSTX\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.07.15 10:44:05 | 000,001,980 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD8PRSTX\AdLoader[1].htm
[2014.02.18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.02.18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\loader.png
[2014.02.18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.02.18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.02.18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.07.26 20:04:30 | 000,002,193 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Local\Temp\163b3d4a\images\loader.gif
[2014.07.27 14:38:30 | 000,000,817 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows Loader v2.2.2 by Daz.lnk
[2014.07.27 14:37:18 | 000,000,694 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows-Loader-v2.2.2-by-Daz.lnk
[2014.07.31 21:23:03 | 000,000,585 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.1-DAZ (2).lnk
[2014.07.31 21:23:03 | 000,000,933 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.1-DAZ.lnk
[2014.07.31 21:18:46 | 000,003,810 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\Windows.7.Loader.v2.2.1-Daz.lnk
[2014.03.10 13:23:02 | 000,001,288 | ---- | M] () -- \Users\Marcelka a Pavlíček\Desktop\MRDownloader – zástupce.lnk
[2014.04.03 23:12:50 | 000,911,360 | ---- | M] () -- \Users\Marcelka a Pavlíček\Downloads\MRDownloader.exe
[2014.08.02 23:12:01 | 000,014,978 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-BB2E4DE4.pf
[2014.08.02 23:12:01 | 000,015,630 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-123116A5.pf
[2014.08.02 21:43:45 | 000,039,266 | ---- | M] () -- \Windows\Prefetch\MRDOWNLOADER.EXE-45630A6C.pf
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[90 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.10.04 14:42:04 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.18 21:17:20 | 000,009,622 | R--- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[90 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.10.04 14:42:04 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.18 21:17:20 | 000,009,622 | R--- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.08 00:17:26 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.10.08 00:17:26 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.10.08 00:17:26 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.10.08 00:17:26 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.10.08 00:17:26 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.08 00:29:39 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.08 00:29:39 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.08 00:29:39 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.08 00:29:39 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.08 00:29:39 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.10.08 00:13:50 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.10.08 00:29:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.08 00:29:37 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.26 21:10:32 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.09.27 21:38:03 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\paolov5\source sdk base 2007\bin\dmserializers.dll
[2010.04.14 20:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 20:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 20:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014.05.13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.26 21:11:12 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.07.27 20:38:37 | 000,000,976 | ---- | M] () -- \Users\Marcelka a Pavlíček\AppData\Roaming\Microsoft\Windows\Recent\serial.lnk
[2013.12.05 02:30:06 | 000,000,178 | ---- | M] () -- \Users\Marcelka a Pavlíček\Favorites\Serials.BE Sharing Resource for everyone - serials, serial numbers, serial keys.url
[2011.10.08 00:17:01 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 17:57:45 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 21:56:18 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.02.12 17:54:54 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 22:00:49 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.02.13 17:09:24 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 17:09:24 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 17:09:34 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.13 17:09:34 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 09:38:09 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.14 09:38:09 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.02.13 21:13:33 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 21:13:33 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.13 21:14:57 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.02.13 21:14:57 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.02.13 21:17:19 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.13 21:17:19 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:02 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:00 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[90 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[90 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.10.08 00:17:00 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.10.08 00:17:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.10.08 00:17:03 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.10.08 00:29:39 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.08 00:29:39 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.10.08 00:17:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.10.08 00:17:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.10.08 00:29:37 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.08 00:29:37 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.10.08 00:15:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 00:17:01 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.10.08 00:17:02 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.10.08 00:16:54 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.10.08 00:17:08 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
Re: Prosím o kontrolu - velké vytížený procesoru.
Napiste mi velikost adresare plochy (C:\Users\Marcelka a Pavlíček\Desktop) Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
:services
AdobeARMservice
SkypeUpdate
AdobeFlashPlayerUpdateSvc
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..\SearchScopes\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O15 - HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
[2014.03.05 22:38:29 | 000,000,000 | ---D | M] -- C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[90 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[90 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=-
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
"Skype"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu - velké vytížený procesoru.
343 MB velikost desktop
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Marca a Pavka
->Temp folder emptied: 34364 bytes
->Temporary Internet Files folder emptied: 90630 bytes
->Flash cache emptied: 57311 bytes
User: Marcelka a Pavlíček
->Temp folder emptied: 41670664 bytes
->Temporary Internet Files folder emptied: 17668634 bytes
->Java cache emptied: 903118 bytes
->FireFox cache emptied: 457059091 bytes
->Flash cache emptied: 67265 bytes
User: Marcelka a Pavló«ek
User: Marcelka a Pavlˇźek
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8166380 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42290020 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 542,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Marca a Pavka
->Flash cache emptied: 0 bytes
User: Marcelka a Pavlíček
->Flash cache emptied: 0 bytes
User: Marcelka a Pavló«ek
User: Marcelka a Pavlˇźek
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}\ not found.
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1 removed from extensions.enabledItems
Prefs.js: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 removed from extensions.enabledItems
Prefs.js: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 removed from extensions.enabledItems
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\www.update\ deleted successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\Dashboard folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\Backups folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014 folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL\CrashDumps folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9494.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5C7.tmp\System.ServiceModel.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5C7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF517.tmp folder deleted successfully.
C:\windows\Installer\MSIAB8F.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 08032014_120625
Files\Folders moved on Reboot...
C:\Users\Marcelka a Pavlíček\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Marca a Pavka
->Temp folder emptied: 34364 bytes
->Temporary Internet Files folder emptied: 90630 bytes
->Flash cache emptied: 57311 bytes
User: Marcelka a Pavlíček
->Temp folder emptied: 41670664 bytes
->Temporary Internet Files folder emptied: 17668634 bytes
->Java cache emptied: 903118 bytes
->FireFox cache emptied: 457059091 bytes
->Flash cache emptied: 67265 bytes
User: Marcelka a Pavló«ek
User: Marcelka a Pavlˇźek
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8166380 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42290020 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 542,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Marca a Pavka
->Flash cache emptied: 0 bytes
User: Marcelka a Pavlíček
->Flash cache emptied: 0 bytes
User: Marcelka a Pavló«ek
User: Marcelka a Pavlˇźek
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C73D9F8C-EB89-45E8-AEA1-EEEE1CB68DB5}\ not found.
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1 removed from extensions.enabledItems
Prefs.js: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 removed from extensions.enabledItems
Prefs.js: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 removed from extensions.enabledItems
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3620069392-4155492544-4229756758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\www.update\ deleted successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\Dashboard folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014\Backups folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL2014 folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL\CrashDumps folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG\AWL folder moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Roaming\AVG folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9494.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5C7.tmp\System.ServiceModel.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5C7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF517.tmp folder deleted successfully.
C:\windows\Installer\MSIAB8F.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 08032014_120625
Files\Folders moved on Reboot...
C:\Users\Marcelka a Pavlíček\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marcelka a Pavlíček\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu - velké vytížený procesoru.
To je slusne. Jinak plati, ze cim mensi, tim pro pc lepsi.paolov píše:343 MB velikost desktop
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?
